All Apps and Add-ons

ScriptRunner - "Couldn't start child process" error when trying to execute a custom alert action script?

TimEek
Path Finder

As the title suggests, Im getting the following error when trying to execute a custom alert action script.

The script is quite simple. Its a shell script that basically looks like this:

#!/bin/bash
if [[ "$1" == "--execute" ]]; then
https_proxy=proxyname:port curl --header "content-type: text/soap+xml; charset=UTF-8" --data @alertBody.xml https://url/api
fi

If I execute this through the command line using: sh alert.sh --execute, it works perfectly. But I get the above error instead. It references the script in the following way:

ERROR ScriptRunner - Couldn't start child process. script="/opt/splunk/etc/apps/alert_app/bin/alert.sh --execute"

I am not trying to give arguments to the script. It's a simple script that posts to an API with predetermined text that's always the same in the xml body. My alert actions looks as follows:

[alert]
is_custom=1
label=alertTest
icon_path=logevent.png
disabled=0

Adding some fields didn't help, but maybe someone can help me find which ones are mandatory? I copied the png from another alerting app and placed it in the same folder.

 

Labels (2)
Tags (1)
0 Karma
1 Solution

TimEek
Path Finder

In case anyone finds this in the future.. Problems are usually easier to solve than you think. I discovered that the permissions for my linux systems were out of wack, so chmod 700 on the script was enough to get me through this step. Good luck to anyone else!

View solution in original post

TimEek
Path Finder

In case anyone finds this in the future.. Problems are usually easier to solve than you think. I discovered that the permissions for my linux systems were out of wack, so chmod 700 on the script was enough to get me through this step. Good luck to anyone else!

alexis
Explorer

good job. thanks

0 Karma
Get Updates on the Splunk Community!

Using Machine Learning for Hunting Security Threats

WATCH NOW Seeing the exponential hike in global cyber threat spectrum, organizations are now striving more for ...

New Learning Videos on Topics Most Requested by You! Plus This Month’s New Splunk ...

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

How I Instrumented a Rust Application Without Knowing Rust

As a technical writer, I often have to edit or create code snippets for Splunk's distributions of ...