All Apps and Add-ons

Splunk Integration with Resilient

k-aravind
New Member

I am getting the following error while splunk tries to raise an alert as a Resilient Incident.

__main__ - ERROR - Alert action failed to create Resilient incident!

If anyone else has run into a similar problem, it would be of great help if you shared the steps taken to resolve it. Or help me by pointing in a direction in which I can focus my troubleshooting

Tags (1)
0 Karma

richgalloway
SplunkTrust
SplunkTrust
Could you please say more about how you are trying to raise an alert as a Resilient incident? What app are you using? Is there anything in splunkd.log related to the alert?
---
If this reply helps you, Karma would be appreciated.
0 Karma

k-aravind
New Member

Hi,

I am using the default alert that comes with the Application. I am using the Resilient Integration for Splunk App from Splunkbase.

__main__ - ERROR - Alert action failed to create Resilient incident!

This is the error I find in the Logs.

ERROR sendmodalert - action=resilient STDERR - InsecureRequestWarning)

This is also an error which might be relevant. I have kept the option for verifying certificate as false. If there are other measures to be set in place to override the certificate verification if that is indeed causing the application to fail. Since it is a test environment we don;t have any CA certified certificates.

0 Karma
Get Updates on the Splunk Community!

Splunk Enterprise Security 8.0.2 Availability: On cloud and On-premise!

A few months ago, we released Splunk Enterprise Security 8.0 for our cloud customers. Today, we are excited to ...

Logs to Metrics

Logs and Metrics Logs are generally unstructured text or structured events emitted by applications and written ...

Developer Spotlight with Paul Stout

Welcome to our very first developer spotlight release series where we'll feature some awesome Splunk ...