Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About cmeyer
cmeyer
Observer
Member since:
07-27-2022
Thursday
Community Statistics
| Posts | 3 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 07-27-2022 |
Activity Feed
- Posted Pull in CDR data from CUCM on All Apps and Add-ons. a week ago
- Tagged Pull in CDR data from CUCM on All Apps and Add-ons. a week ago
- Posted BMC Remedy Add On Authentication errors on Splunk Enterprise. 08-17-2022 01:49 PM
- Tagged BMC Remedy Add On Authentication errors on Splunk Enterprise. 08-17-2022 01:49 PM
- Tagged BMC Remedy Add On Authentication errors on Splunk Enterprise. 08-17-2022 01:49 PM
- Tagged BMC Remedy Add On Authentication errors on Splunk Enterprise. 08-17-2022 01:49 PM
- Posted Can Splunk look for specific events and send them in an API to a third party ticketing system in JSON? on Alerting. 07-27-2022 11:58 AM
- Tagged Can Splunk look for specific events and send them in an API to a third party ticketing system in JSON? on Alerting. 07-27-2022 11:58 AM
a week ago
I see there is a premium app to show CDR data from CUCM but is there a way to view this data from running a search without that app? I have Splunk setup as a billing server in CUCM but am unable to find any CDR data. We are using Enterprise on-prem.
... View more
- Tags:
- cdr
Labels
- Labels:
-
search
08-17-2022
01:49 PM
Hey everyone, I recently installed the BMC Remedy Add On for Splunk and followed the directions to get setup. I successfully connected into BMC via REST credentials, setup the remedy_fields.conf file and successfully created a ticket via search and the remedyincidentcreatestreamrest command. My problem is automating this experience. I created an alert based on a search (per the docs), and specified the "Remedy Incident Integration using REST API" trigger. Looking at the splunk_ta_remedy_rest_alert.log file I see the following authentication error: 2022-08-17 15:07:35,356 ERROR pid=11181 tid=MainThread file=remedy_helper.py:create_incident:287 | Authentication failed, status_code=401, url='https://url-restapi.onbmc.com:443/api/arsys/v1.0/entry/HPD:ServiceInterface', params={'fields': 'values(Incident Number, Incident_Status)'}, response=[{"messageType":"ERROR","messageText":"Authentication failed","messageNumber":623,"messageAppendedText":"remedy_user"}] 2022-08-17 15:07:35,657 INFO pid=11181 tid=MainThread file=remedy_helper.py:create_jwt_token:162 | Successfully generated a new jwt token 2022-08-17 15:07:36,030 ERROR pid=11181 tid=MainThread file=remedy_helper.py:create_incident:287 | Error occured, status_code=400, url='https://url-restapi.onbmc.com:443/api/arsys/v1.0/entry/HPD:ServiceInterface', params={'fields': 'values(Incident Number, Incident_Status)'}, response=[{"messageType":"ERROR","messageText":"Required field cannot be blank.","messageNumber":326,"messageAppendedText":"HPD:Help Desk : Contact Company"}] 2022-08-17 15:07:36,030 ERROR pid=11181 tid=MainThread file=remedy_incident_rest_alert_base.py:post_incident:227 | [Remedy Incident REST Alert] The search name: Ingress to ICM Missing DN. Failed to Create/Update incident Traceback (most recent call last): File "/opt/splunk/etc/apps/Splunk_TA_remedy/bin/remedy_helper.py", line 432, in retry return func(account_info, *arg, **kwargs) File "/opt/splunk/etc/apps/Splunk_TA_remedy/bin/remedy_helper.py", line 288, in create_incident raise Exception(msg) Exception: Authentication failed, status_code=401, url='https://url-restapi.onbmc.com:443/api/arsys/v1.0/entry/HPD:ServiceInterface', params={'fields': 'values(Incident Number, Incident_Status)'}, response=[{"messageType":"ERROR","messageText":"Authentication failed","messageNumber":623,"messageAppendedText":"remedy_user"}] During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/opt/splunk/etc/apps/Splunk_TA_remedy/bin/remedy_incident_rest_alert_base.py", line 200, in post_incident proxy_config=self.proxy_config, File "/opt/splunk/etc/apps/Splunk_TA_remedy/bin/remedy_helper.py", line 454, in retry return func(account_info, *arg, **kwargs) File "/opt/splunk/etc/apps/Splunk_TA_remedy/bin/remedy_helper.py", line 288, in create_incident raise Exception(msg) Exception: Error occured, status_code=400, url='https://url-restapi.onbmc.com:443/api/arsys/v1.0/entry/HPD:ServiceInterface', params={'fields': 'values(Incident Number, Incident_Status)'}, response=[{"messageType":"ERROR","messageText":"Required field cannot be blank.","messageNumber":326,"messageAppendedText":"HPD:Help Desk : Contact Company"}] I have a separate application creating tickets via REST and was told to use the HPD:IncidentInterface_Create. Not sure what the difference is (if any) to running a search is as opposed to having an alert trigger it but I am stumped. If anyone can offer some insight I would appreciate it. Thanks! Chad
... View more
Labels
- Labels:
-
troubleshooting
07-27-2022
11:58 AM
Hey everyone,
I am pretty unfamiliar with all of the functionality Splunk has to offer and am wondering if Splunk has the ability to look for specific events and if found, send that in an API to a third party ticketing system in JSON format. I see Splunk has its own APIs to look for data that it has ingested but looking to send that data elsewhere. Any help would be appreciated. Thanks.
... View more
- Tags:
- alert action
Labels
- Labels:
-
alert action
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
Thursday
|
