Hi Splunkers,,

We have issue about our Telegram Alert. We set alert send every 5 minutes, but the happened is alert send only one or two time per day. We fill and telnet proxy server confirm connected.

telnet xxx.xxx.co.id 8080
Trying xx.xx.xx.xx...
Connected to xxx.xxx.co.id.

We also check on splunkd.log there's SSL error. Below the error log:

11-04-2024 10:30:07.063 +0700 ERROR sendmodalert [2216772 AlertNotifierWorker-0] - action=telegram STDERR - WARNING:urllib3.connectionpool:Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, '[SSL: UNKNOWN_PROTOCOL] unknown protocol (_ssl.c:1106)'))': /bot7980126779:AAGIDUqqXlAEdfeLE7_OcOiqtJCIOzVljXc/sendMessage?chat_id=-4525666353&text=%3Cb%3ESPLUNK+ALERT+MESSAGE%0A------------------------------%3C%2Fb%3E%0A%3Cb%3EAlert+Name%3C%2Fb%3E%3A+test_telegram+%0A%3Cb%3ESEVERITY%3C%2Fb%3E%3A+High+%0A%3Cb%3EMESSAGE%3C%2Fb%3E%3A+R2.BRN.PE-MOBILE.2%3B56+%0A%3Cb%3EResults+Link%3C%2Fb%3E%3A+https%3A%2F%2Fdcosplunksearchhead%3A8000%2Fapp%2Falert_telegram%2Fsearch%3Fq%3D%257Cloadjob%2520scheduler__usercomm_YWxlcnRfdGVsZWdyYW0__RMD5486a20947b8a80a2_at_1730691000_1982%2520%257C%2520head%25201%2520%257C%2520tail%25201%26earliest%3D0%26latest%3Dnow&parse_mode=HTML

11-04-2024 10:30:07.363 +0700 INFO sendmodalert [2216772 AlertNotifierWorker-0] - action=telegram - Alert action script completed in duration=6326 ms with exit code=5
11-04-2024 10:30:07.363 +0700 WARN sendmodalert [2216772 AlertNotifierWorker-0] - action=telegram - Alert action script returned error code=5
11-04-2024 10:30:07.363 +0700 ERROR sendmodalert [2216772 AlertNotifierWorker-0] - Error in 'sendalert' command: Alert script returned error code 5.

Please help us to solve this issue. Thanks.. 🙏🏼