Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
112 results
Sorted by:
08-11-2022
07:37 AM
Hello!
I am trying to use makeresults + eval inside a sendalert parameters, but it doesn't return what i need. Follow the example:
index=client1 s...
Labels
- Labels:
-
eval
-
search job inspector
-
subsearch
08-29-2018
12:25 PM
...ee this error in the splunkd.log:
08-29-2018 15:10:40.746 -0400 ERROR sendmodalert - Error in 'sendalert' command: Alert action "showconfiguration" not found.
I don't know what I did wrong here....
Labels
- Labels:
-
alert action
-
other
3 weeks ago
Good day. I am trying to use the sendalert command in Splunk to send a set of results to Splunk SOAR(Phantom), each result appears in phantom as a new event, would there be a way to receive only o...
Labels
- Labels:
-
other
-
using Splunk Enterprise
07-14-2023
08:49 AM
Hello All, We have a custom alert action (built with the Splunk Add-on Builder) that sends search results to a HEC input. We have heartbeat searches that trigger the alert action periodically to ens...
Labels
- Labels:
-
alert action
09-06-2019
05:47 AM
Hello,
I'm in need of clarification regarding custom alert actions and, in particular, the payload generated by the sendalert command. Sadly, I was unable to find these points adressed in the d...
09-30-2019
09:38 PM
1 Karma
A saved search that ends with
| sendalert risk param._risk_score=risk_score
runs fine, but fails when run as a saved search with the error
Error in 'sendalert' command: Alert script returned e...
Labels
- Labels:
-
troubleshooting
02-04-2021
10:50 PM
Dear Experts I am using sendalert command to invoke a custom alert action. It currently only triggers once irrespective of no of results. Is it possible to trigger it for each result.
- Tags:
- sendalert
Labels
- Labels:
-
alert action
11-04-2016
01:53 PM
...ction script returned error code=1
11-04-2016 20:51:01.532 +0000 ERROR sendmodalert - Error in 'sendalert' command: Alert script returned error code 1.
11-04-2016 20:51:01.532 +0000 ERROR S...
05-03-2019
01:24 AM
Im executing my custom alert action with sendalert action_name command and it executes correctly.
I can see the output in job logs but it doesnt get indexed in _internal index as standard a...
02-12-2018
12:43 PM
Hello,
I have a custom alert action that was working a few days ago and now I'm getting this error and the log is not very helpful in this case. All off the required parameter are set but every at...
