Slack alert in Splunk 6.4 or 6.5.5

impurush
Contributor

Hello all,

I am getting the error below when I trigger an alert from the Slack alert app. I also tried with Splunk versions 6.4 and 6.5.5.

FATAL sendmodalert - action=slack STDERR - Unexpected error:

FATAL sendmodalert - action=slack STDERR - Alert action failed
INFO sendmodalert - action=slack - Alert action script completed in duration=127380 ms with exit code=6
WARN sendmodalert - action=slack - Alert action script returned error code=6

0 Karma
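
An added example, not part of the original thread and not code from Splunk or the Slack alert app: a small Python triage script over the sendmodalert lines quoted in the question, pairing each failed alert action run with its STDERR output, exit code and run time. The `failed_runs` name, the 30-second `SLOW_MS` threshold and the `action=email` success line are assumptions made for illustration.

```python
import re
from collections import defaultdict

# First four lines are copied from the post above (it shows no timestamps).
# The last line is constructed, to show a successful run is not reported.
SAMPLE_LOG = """\
FATAL sendmodalert - action=slack STDERR - Unexpected error:
FATAL sendmodalert - action=slack STDERR - Alert action failed
INFO sendmodalert - action=slack - Alert action script completed in duration=127380 ms with exit code=6
WARN sendmodalert - action=slack - Alert action script returned error code=6
INFO sendmodalert - action=email - Alert action script completed in duration=412 ms with exit code=0
"""

LINE_RE = re.compile(r"(?P<level>[A-Z]+)\s+sendmodalert - action=(?P<action>\S+)\s+(?P<rest>.*)")
STDERR_RE = re.compile(r"^STDERR -\s*(?P<msg>.*)$")
DONE_RE = re.compile(r"completed in duration=(?P<ms>\d+) ms with exit code=(?P<code>-?\d+)")

SLOW_MS = 30_000  # assumed threshold for a "slow" run; tune for your environment


def failed_runs(log_text, slow_ms=SLOW_MS):
    """Return one record per alert action run that ended with a non-zero exit code.

    Assumes, as in the quoted log, that a run's STDERR lines precede its
    "completed" line, so STDERR is buffered per action until that line appears.
    """
    pending = defaultdict(list)  # action -> STDERR messages since last completion
    failures = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)  # search() tolerates a leading timestamp
        if not m:
            continue
        action, rest = m["action"], m["rest"]
        err = STDERR_RE.match(rest)
        done = DONE_RE.search(rest)
        if err:
            pending[action].append(err["msg"].strip())
        elif done:
            stderr = pending.pop(action, [])
            code, ms = int(done["code"]), int(done["ms"])
            if code != 0:
                failures.append({"action": action, "exit_code": code,
                                 "duration_ms": ms, "slow": ms >= slow_ms,
                                 "stderr": stderr})
    return failures


if __name__ == "__main__":
    for run in failed_runs(SAMPLE_LOG):
        print(run)
```

For the quoted lines this reports a single failed `slack` run with exit code 6 that took 127380 ms, a little over two minutes, before the script gave up.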

impurush
Contributor

Hi,

Below is my alert setup. I also added an email trigger to verify whether the search is working, and I am getting the alert mail. I added the incoming webhook configuration to my channel in the Slack app. I also tried this webhook from my personal Splunk instance, and it works perfectly.

0 Karma

bjoernjensen
Contributor

Hey,

Looks like the sendalert script went into some error state: error code=6.

Might be that the way you want to add data lets the script run into a problem (e.g. NULL values, wrong token usage, ...). Can you show us how the alert is being defined?

All the best,
Björn

0 Karma

hijacob
Communicator

Hi,

Did you use the Slack Notification Alert? https://splunkbase.splunk.com/app/2878/ Maybe this answer can solve your problem: https://answers.splunk.com/answers/351316/slack-notification-alert-how-can-i-get-the-message-1.html ?

Greetings,
Jacob

0 Karma

impurush
Contributor

Hi, I tried the same app, and even just sending the test message is not working. Please see the attached screenshot in one of my answers below.

0 Karma