Splunk Enterprise Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Custom adaptive response action not showing.

burakatabay
Path Finder
‎03-14-2020 12:19 PM

Hi Splunkers,

I need a custom adaptive response and ı read this documentation.
"https://dev.splunk.com/enterprise/docs/developapps/enterprisesecurity/adaptiveresponseframework/exam..."
I did what it says on this page.
Also I try add-on builder then resuit is same, Don't show any custom adaptive response on incident review page .
I also cannot include this app in any correlation search alert action.
My app name is TA-tck.
Splunk version 7.2.5.1
Splunk ES version 5.2.0

Also "supports_adhoc": true in alert_actions.conf file.
ı restarted splunk.

alt text

How I fix this, thank you for all.

Preview file
1 KB
0 Karma
Reply
Get Updates on the Splunk Community!

Index This | I’m short for "configuration file.” What am I?

May 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with a Special ...

New Articles from Academic Learning Partners, Help Expand Lantern’s Use Case Library, ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Your Guide to SPL2 at .conf24!

So, you’re headed to .conf24? You’re in for a good time. Las Vegas weather is just *chef’s kiss* beautiful in ...