All Apps and Add-ons

Microsoft Teams Webhook Alert Connector: Receiving "Error 400: Bad Request" after configuration. Has anyone been able to get this add-on to work?

ddavenpo
Explorer

Has anyone been able to get this to work? I just configured it. The configuration is crazy simple...but I am getting a 400 error:

ERROR sendmodalert - action=teams STDERR -  Error sending webhook request: HTTP Error 400: Bad Request
0 Karma
1 Solution

ddavenpo
Explorer

I figured out my issue. I was allowing the raw log to be passed to the alert. I think this was just too much information for the webhook receiver in Teams to handle. I changed my search to output a simple table with just a few values (which was what I actually wanted) and it worked just fine.

View solution in original post

ddavenpo
Explorer

I figured out my issue. I was allowing the raw log to be passed to the alert. I think this was just too much information for the webhook receiver in Teams to handle. I changed my search to output a simple table with just a few values (which was what I actually wanted) and it worked just fine.

cchimento
Path Finder

Hello - can you please post a search string example that you're sending to the alert and possible what your teams feed looks like when it receives that alert?

I am only getting one result from the table. Then a link to open in Splunk. I'd rather not.

So in short, I'm looking to expand and show more results in the Teams Feed.

0 Karma

ddavenpo
Explorer

I've tried removing the user agent component from the python script and that hasn't resolved the issue. I have successfully used the webhook URL in a simple curl command.

0 Karma

jesusreyes
New Member

Do you have any implementation guide for splunk with ms teams?

0 Karma
Get Updates on the Splunk Community!

Optimize Cloud Monitoring

  TECH TALKS Optimize Cloud Monitoring Tuesday, August 13, 2024  |  11:00AM–12:00PM PST   Register to ...

What's New in Splunk Cloud Platform 9.2.2403?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.2.2403! Analysts can ...

Stay Connected: Your Guide to July and August Tech Talks, Office Hours, and Webinars!

Dive into our sizzling summer lineup for July and August Community Office Hours and Tech Talks. Scroll down to ...