Re: Alerts

SN1

So i have a search which show the indexes that have 0 events last 24hr. I want to send this result as an alert to microsoft teams from splunk . How can i do that i am using 9.1.4 version.

PrewinThomas

@SN1

You can create incoming webhooks in teams and configure alert in Splunk and use webhook action under Trigger Actions or run a script to perform the same.

Refer below for creating incoming webhooks in Teams.
#https://learn.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/add-incomin...

Regards,
Prewin
🌟If this answer helped you, please consider marking it as the solution or giving a Karma. Thanks!

SN1

i am pasting the webhook url in the alert action nothing is happening.

PrewinThomas

@SN1

From your Splunk server, test the webhook URL.

Eg: with curl,

curl -H 'Content-Type: application/json' -d '{"text":"Test message from Splunk"}' https://outlook.office.com/webhook/...

Regards,
Prewin
🌟If this answer helped you, please consider marking it as the solution or giving a Karma. Thanks!

SN1

Alerts

other

[Puzzles] Solve, Learn, Repeat: Dynamic formatting from XML events

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Join the Conversation

Alerts

other

[Puzzles] Solve, Learn, Repeat: Dynamic formatting from XML events

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...