Filter data sended using saved search with action ...

Alerting

Hello Splunker's

I programmed a saved search with a send webhook data action to send the result in json format. I noticed that the data sent contains additional information like app name eand result_link:

INFO -: {"app" => "search", "results_link" => "http: // splk-sh: 8000 / app / search / search? ....

In fact, I don't want to display this information on my results; i searched in advanced actions i found:

action.webhook.command: sendalert $action_name$ results_file="$results.file$" results_link="$results.url$"

i tried to delete result_link but it doesn't work.

did you encounter this problem on whebook or even email action can be the same.

Thank you

Get Updates on the Splunk Community!

Splunk Forwarders and Forced Time Based Load Balancing

Splunk customers use universal forwarders to collect and send data to Splunk. A universal forwarder can send ...

NEW! Log Views in Splunk Observability Dashboards Gives Context From a Single Page

Today, Splunk Observability releases log views, a new feature for users to add their logs data from Splunk Log ...

Last Chance to Submit Your Paper For BSides Splunk - Deadline is August 12th!

Hello everyone! Don't wait to submit - The deadline is August 12th! We have truly missed the community so ...