I need to pass data from Splunk to an external system based upon a triggered Alert.
Could I use the REST API to pass the JSON data, or would a Python script be a better approach?
You should check out the new TA from @jkat54
Not new but it’ll do it!
Bert Shuler helped with it as well.
Bert Approved App! One of the smartest guys I know.
I accepted this answer because no one else tried and the OP never replied.
Did we make it where it would do modular alerts too? I may have...