All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Splunk - Add-on builder - cant execute webhooks

jtlittle
Path Finder
‎03-07-2018 08:57 PM

anyone know why I cant execute filesystem commands in the app builder with python and slack web hooks?

https://splunkbase.splunk.com/app/2962/
user log 1:

2018-03-07 18:34:42,033 ERROR pid=24690 tid=MainThread file=cim_actions.py:message:271 | sendmodaction - signature="Error: 'module' object has no attribute 'process_event'. Please double check spelling and also verify that a compatible version of Splunk_SA_CIM is installed." action_name="test_alert" search_name="test_arf" sid="1520447680.116" rid="0" app="TA-fancydudeapp" user="admin" action_mode="adhoc" action_status="failure"

log 2:

The os module/method can be used to execute filesystem commands.

Reply
1 Solution
Solved! Jump to solution
Solution

starcher
Influencer
‎03-08-2018 08:46 AM

Make sure for every gui parameter you have a line in the default alert_actions.conf

[test_alert]
param.process_event =

View solution in original post

0 Karma
Reply
Solved! Jump to solution

jtlittle
Path Finder
‎03-08-2018 09:55 AM

ok so the add-on builder does not do this for you?

support has me using this

https://splunkbase.splunk.com/app/2962/

I can check the alert_actions.conf

I think ill need to SSH to it and use nano cause I don't recall that ability in the app.

thanks for your recomendation ill try that.

-Jon

0 Karma
Reply
Solved! Jump to solution
Solution

starcher
Influencer
‎03-08-2018 08:46 AM

Make sure for every gui parameter you have a line in the default alert_actions.conf

[test_alert]
param.process_event =
0 Karma
Reply
Solved! Jump to solution

jtlittle
Path Finder
‎03-13-2018 03:52 PM

I tired this :

param.process_event="red_alert"

this is set as the alert action or the app name?

0 Karma
Reply
Solved! Jump to solution

dijikul
Communicator
‎06-01-2020 01:57 PM

Can you expand on this? I'm encountering the same issue and adding the process_event parameter does nothing..

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...