Hi,
I have not been working with Splunk for long but I have come across a lot of issues trying to get it to trigger a custom script. I then noted that the 'feature' had been deprecated and in the resulting searching came across people talking about creating custom alert actions.
In my head this seems to suggest that the original way is left in for legacy so defining a new one is your best bet. Am I right here?
I had a quick look in the alert_actions.conf and found the stanza for the original function. If you were to try and create your own, how would it be any different? When I say different, I mean in order to get it to work.
I personally think I have made assumptions that are incorrect around why you would want to create a custom alert action in the first place. Looking at it at all is driven purely through frustration in not being able to run my shell script.