Hi,
https://answers.splunk.com/answers/589237/splunk-enterprise-security-adaptive-response-actio.html
I am facing the same issue that is mentioned in the above URL.
Now, I am facing the same issue even after defining the fields under "sendalert" in the "alert_actions.conf.spec" file.
Could anyone please help me with this?
Error:
"PAN : Tag to Dynamic Address Group" could not be dispatched:
ActiveResponseException: Invalid parameter for adhoc modular action.
-Meena
Did you specify the fields in alert_actions.conf or alert_actions.conf.spec? You'll need to specify them in alert_actions.conf.
Without knowing the contents of alert_actions.conf, we'd be unable to help you troubleshoot this further. Please provide more details about what that adaptive response action looks like in the .conf file 🙂