All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Slack Add on App

manish_singh_77
Builder
‎05-19-2020 12:01 AM

Hi Folks,

I am getting an error message when trying to send alerts from Splunk to Slack.

Here is an error message:

sendmodalert - action=slack_webhook_alert - Alert action script returned error code=255
ERROR SearchScheduler - Error in 'sendalert' command: Alert script returned error code 255., search='sendalert slack_webhook_alert results_file

Any idea, what must be causing this issue?

Tags (2)
0 Karma
Reply

rkyadav
Path Finder
‎05-19-2020 01:02 AM

You can check out two option :
1. Check the permissions on your stored credential objects. They must be shared either globally or within the slack_webhook_alert app.
2.checkpointer-from where you are trying to access

0 Karma
Reply

manish_singh_77
Builder
‎05-19-2020 01:07 AM

@rkyadav

I did not understand the second point, I also noticed that when configured the new webhook_name alerts are coming but not coming in the set duration.

For instance, if alert has been scheduled to run every 5 mins then in 30 mins, I am getting only 2 alerts.

0 Karma
Reply

rkyadav
Path Finder
‎05-19-2020 01:26 AM

Do you have issue with Error code=255 or scheduling an alert ?

Try changing the trigger action to "For each result"

0 Karma
Reply

manish_singh_77
Builder
‎05-19-2020 02:02 AM

@rkyadav

I have set the trigger action to once only.

0 Karma
Reply

manish_singh_77
Builder
‎05-19-2020 02:04 AM

@rkyadav

We don't have to trigger for each result as it will create unnecessary confusion for the users.

0 Karma
Reply

manish_singh_77
Builder
‎05-19-2020 02:08 AM

@rkyadav

I am majorly observing delay in the alerts on Slack channel.

0 Karma
Reply

rkyadav
Path Finder
‎05-20-2020 12:29 AM

check out your connectivity , seems like have an issue

0 Karma
Reply

rkyadav
Path Finder
‎05-20-2020 12:36 AM

Error 255 : This is usually happens when the remote is down/unavailable; or the remote machine doesn't have ssh installed; or a firewall doesn't allow a connection to be established to the remote host or could be your host key verification failed.

0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...