All Apps and Add-ons
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Slack Notification Alert: Any way to send an inline table like email alert does?

worshamn
Contributor
‎09-07-2016 07:17 AM

I think I know the answer but I was hoping it wasn't so. Is there any way to send an inline table to Slack as part of the alert action from Slack Notification Alert app similar to how email alerts have that option? I know you could send a slack per result, but that would look ugly and not communicate what a table could say. I have used the slackit app which can send a text table, however it does not have an alert action like this app does (because I want to only send if there exist results).

0 Karma
Reply

richard_wilhite
Explorer
‎09-21-2016 12:46 PM

The issue is one part Slack formatting one part splunk data, I believe. I was also looking at this the other day, and here are some links that might help you.

I didn't dig much further. What I wanted to post in Slack, didn't seem to justify the time a full solution would require. However, this may make for a nice project over the winter break.

0 Karma
Reply

nadlurinadluri
Communicator
‎08-13-2018 03:56 PM

I know this is too old, but any luck with this?

0 Karma
Reply

russellliss
Path Finder
‎09-21-2016 08:19 AM

Have you tried to use the $result.fieldname$ token, and change the trigger to "For each result", otherwise you will just get the first row?

0 Karma
Reply

worshamn
Contributor
‎09-21-2016 12:26 PM

When I said "I know you could send a slack per result" I was referring to "For each result". But as I mentioned that would really look ugly in Slack and not communicate as well what a table can say.

0 Karma
Reply

manish_singh_77
Builder
‎01-07-2020 01:14 AM

@worshamn

Is there no way we can add inline table results of Splunk query to Slack messenger?

0 Karma
Reply

nadlurinadluri
Communicator
‎01-07-2020 08:35 AM

The best way would be to make it a multivalued and send the first event alone. that way the first row will consists the other data too.

0 Karma
Reply

worshamn
Contributor
‎01-07-2020 06:26 AM

I so far only know of an older app that was archived which creates a text table in Slack https://splunkbase.splunk.com/app/2784/

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL  The Splunk AI Assistant for SPL ...

Buttercup Games: Further Dashboarding Techniques (Part 5)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...

Customers Increasingly Choose Splunk for Observability

For the second year in a row, Splunk was recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for ...
Top