Re: Slack Add on App

manish_singh_77 · ‎05-19-2020

Hi Folks,

I am getting an error message when trying to send alerts from Splunk to Slack.

Here is an error message:

sendmodalert - action=slack_webhook_alert - Alert action script returned error code=255
ERROR SearchScheduler - Error in 'sendalert' command: Alert script returned error code 255., search='sendalert slack_webhook_alert results_file

Any idea, what must be causing this issue?

rkyadav · ‎05-19-2020

You can check out two option :
1. Check the permissions on your stored credential objects. They must be shared either globally or within the slack_webhook_alert app.
2.checkpointer-from where you are trying to access

manish_singh_77 · ‎05-19-2020

@rkyadav

I did not understand the second point, I also noticed that when configured the new webhook_name alerts are coming but not coming in the set duration.

For instance, if alert has been scheduled to run every 5 mins then in 30 mins, I am getting only 2 alerts.

rkyadav · ‎05-19-2020

Do you have issue with Error code=255 or scheduling an alert ?

Try changing the trigger action to "For each result"

manish_singh_77 · ‎05-19-2020

@rkyadav

I have set the trigger action to once only.

manish_singh_77 · ‎05-19-2020

@rkyadav

We don't have to trigger for each result as it will create unnecessary confusion for the users.

manish_singh_77 · ‎05-19-2020

@rkyadav

I am majorly observing delay in the alerts on Slack channel.

rkyadav · ‎05-20-2020

check out your connectivity , seems like have an issue

rkyadav · ‎05-20-2020

Error 255 : This is usually happens when the remote is down/unavailable; or the remote machine doesn't have ssh installed; or a firewall doesn't allow a connection to be established to the remote host or could be your host key verification failed.

Slack Add on App

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics!

New in Observability Cloud - Explicit Bucket Histograms