All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Splunk - Add-on builder - cant execute webhooks

jtlittle
Path Finder
‎03-07-2018 08:57 PM

anyone know why I cant execute filesystem commands in the app builder with python and slack web hooks?

https://splunkbase.splunk.com/app/2962/
user log 1:

2018-03-07 18:34:42,033 ERROR pid=24690 tid=MainThread file=cim_actions.py:message:271 | sendmodaction - signature="Error: 'module' object has no attribute 'process_event'. Please double check spelling and also verify that a compatible version of Splunk_SA_CIM is installed." action_name="test_alert" search_name="test_arf" sid="1520447680.116" rid="0" app="TA-fancydudeapp" user="admin" action_mode="adhoc" action_status="failure"

log 2:

The os module/method can be used to execute filesystem commands.

Reply
1 Solution
Solved! Jump to solution
Solution

starcher
Influencer
‎03-08-2018 08:46 AM

Make sure for every gui parameter you have a line in the default alert_actions.conf

[test_alert]
param.process_event =

View solution in original post

0 Karma
Reply
Solved! Jump to solution

jtlittle
Path Finder
‎03-08-2018 09:55 AM

ok so the add-on builder does not do this for you?

support has me using this

https://splunkbase.splunk.com/app/2962/

I can check the alert_actions.conf

I think ill need to SSH to it and use nano cause I don't recall that ability in the app.

thanks for your recomendation ill try that.

-Jon

0 Karma
Reply
Solved! Jump to solution
Solution

starcher
Influencer
‎03-08-2018 08:46 AM

Make sure for every gui parameter you have a line in the default alert_actions.conf

[test_alert]
param.process_event =
0 Karma
Reply
Solved! Jump to solution

jtlittle
Path Finder
‎03-13-2018 03:52 PM

I tired this :

param.process_event="red_alert"

this is set as the alert action or the app name?

0 Karma
Reply
Solved! Jump to solution

dijikul
Communicator
‎06-01-2020 01:57 PM

Can you expand on this? I'm encountering the same issue and adding the process_event parameter does nothing..

0 Karma
Reply
Get Updates on the Splunk Community!

Aligning Observability Costs with Business Value: Practical Strategies

 Join us for an engaging Tech Talk on Aligning Observability Costs with Business Value: Practical ...

Mastering Data Pipelines: Unlocking Value with Splunk

 In today's AI-driven world, organizations must balance the challenges of managing the explosion of data with ...

Splunk Up Your Game: Why It's Time to Embrace Python 3.9+ and OpenSSL 3.0

Did you know that for Splunk Enterprise 9.4, Python 3.9 is the default interpreter? This shift is not just a ...