About n0vsec

n0vsec · ‎09-28-2020

Did you ever find an answer to this? I wanting to do a similar search. I only want to append specific fields to a lookup table, while keeping the rest of the fields for alert automation.

n0vsec · ‎09-16-2020

Were you able to resolve this?

n0vsec · ‎08-31-2020

So apparently at some point in time there was an update to our Splunk Cloud instance that broke webhooks, the only way to fix this was to put a ticket in and revert to Python 2.7 until the following update. Not the best solution I would say, but everything is working for now.

n0vsec · ‎05-28-2020

I have set up an alert using webhooks and they have not been firing. I have set the notification to also show up in triggered alerts to make sure that the alert was in fact firing. When looking through the logs via index=_* webhook action=webhook I found some errors, which I cannot figure out how to remediate: event_message: action=webhook - Alert action script returned error code=3 event_message: action=webhook - Alert action script completed in duration=64 ms with exit code=3 event_message: action=webhook STDERR - Unexpected error: POST data should be bytes, an iterable of bytes, or a file object. It cannot be of type str. I realize that the last one is a Python error, which I found some information on here: stackoverflow - Python 3 urllib produces TypeErr... I guess what I am wondering is if this is something that I might be doing wrong? Or is something broken on the cloud platform?

Posts	4
Solutions	1
Karma Given	2
Karma Received	1
Member Since	‎05-28-2020

Online Status	Offline
Date Last Visited	‎03-31-2021 01:40 PM

Alert action script returned error codes on webhoo...

Re: Specify Fields for Outputlookup or Outputcsv

Re: Alert report - columns not ordered by table c...

Re: Alert action script returned error codes on we...

Alert action script returned error codes on webhoo...