Getting Data In

splunk webhook with credentials/authentication

palemmahesh
Engager

I want to use splunk webhook future to send the fired alerts/events to another third party system.

the third party rest api needs authentication.

 So I have given the weebhook url as https:.//username:password@url, but its not sending the trigged alerts to this url. Cannot we give username/password in the url?

how to debug or check why splunk is not able to send trigged alerts?

kamlesh_vaghela
SplunkTrust
SplunkTrust

@palemmahesh 

The splunk web hook alert doesn't provide this feature but you can try below app. 

https://splunkbase.splunk.com/app/3226/

https://github.com/rzzldzzl/alert_webhook_ng

 

Kv

0 Karma
Get Updates on the Splunk Community!

Operationalizing TDIR: Building a More Resilient, Scalable SOC

Optimizing SOC workflows with a unified, risk-based approach to Threat Detection, Investigation, and Response ...

Almost Too Eventful Assurance: Part 1

Modern IT and Network teams still struggle with too many alerts and isolating issues before they are notified. ...

Demo Day: Strengthen Your SOC with Splunk Enterprise Security 8.1

Today’s threat landscape is more complex than ever. Security operation centers (SOCs) are overwhelmed with ...