Splunk Search

Splunk integration with OpsGenie to send alert- Is OpsGenie not supported?

shashank_24
Path Finder

Hi, I am sure this question must have asked multiple times and infact I've come across multiple posts but I am still unanswered.

So I am a Splunk developer/analyst who is looking to integrate my Splunk Enterprise with OpsGenie to send alert notifications but when I look at the integration here https://support.atlassian.com/opsgenie/docs/integrate-opsgenie-with-splunk/ it says to install an app in Splunk base and when I go to that app https://splunkbase.splunk.com/app/3759/ it says "This app is NOT supported by Splunk. Please read about what that means for you here."

What does this mean? As an Admin we can see the app when we browse in Splunk. Does it mean if we install it it won't break or could break other things?

Let me know if anyone has done this integration on their on-prem Splunk enterprise architecture. Any input is appreciated.

Labels (3)
0 Karma

Ckknudsen
New Member

Just incase anyone stumbles upon this thread, I just got done trying to get the OpsGenie App for Splunk working and integrated but they stopped fully supporting that app back in Splunk Version 7.1, Anything newer and this won't work. 

https://jira.atlassian.com/browse/OPSGENIE-1178

0 Karma

scelikok
SplunkTrust
SplunkTrust

Hi @shashank_24,

API endpoints are hardcoded into python code. There is two different OpsGenie app in Splunkbase for US and EU regions. If your OpsGenie account is in EU region, you should use below version.

Opsgenie(EU) for Splunk

https://splunkbase.splunk.com/app/5144/

 

If this reply helps you an upvote and "Accept as Solution" is appreciated.

scelikok
SplunkTrust
SplunkTrust

Hi @shashank_24,

"This app is NOT supported by Splunk" means this App or TA is not maintained by Splunk. This does not mean that it will break your system if you check your Splunk Enterrpise version is in the Compatibility list.

If you have any problem you need to check Splunk Community pages or try to contact with the app developer.

We have done this integration using this app, on a customers on-prem Splunk.

If this reply helps you an upvote and "Accept as Solution" is appreciated.
0 Karma

shashank_24
Path Finder

Hi @scelikok Thanks for your quick response.

We have just integrated our test environment with OpsGenie. We tested it and not getting any alerts in OpsGenie.

As per the instruction it only takes API key in Splunk to send the data. BUT my question is how will Splunk knows where to send the data to? I mean there is no domain/hostname/port etc.

I am using this link to follow the steps. https://support.atlassian.com/opsgenie/docs/integrate-opsgenie-with-splunk/

0 Karma

payal23
Path Finder

@shashank_24  I am also facing the similar issue. Are you able to integrate Opsgenie and Splunk?

0 Karma

prathasj
Loves-to-Learn

I am also facing similar issue , has anyone able to integrate Opsgenie with Splunk

Tags (1)
0 Karma

tywhite
Explorer

We're using Opsgenie with Splunk
https://splunkbase.splunk.com/app/3759

Splunk Enterprise

Version:8.2.9

Installed the app and then added the API (from the Splunk integration in Opsgenie) in the Set up.

Have you reviewed the Opsgenie logs to confirm whether or not the alert was received from Splunk?

It may have been received, but failed to create an alert for some other reason.

 

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...