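#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# Forum post: "The script I've completed is as follows" -- the script follows,
# and the poster's question is kept as a comment at the end of this listing.
"""Forward one Splunk alert to a DingTalk group robot as a markdown message.

Usage: script.py <ComputerName> <EventCode> <Message>
Exit status: 0 on success, 1 when arguments are missing, 2 when sending fails.
"""
import json
import os
import sys
from urllib.parse import urlsplit

import requests

# The webhook URL acts as a credential: anyone who can read it can post to the
# group. Prefer supplying it through the DINGTALK_WEBHOOK environment variable
# (or another protected store) so it stays out of the script file and out of
# version control. The literal below is the page's redacted value and is kept
# only as a fallback.
DINGTALK_WEBHOOK = os.environ.get("DINGTALK_WEBHOOK", "https:***")


def _redact_webhook(text):
    """Return *text* with the webhook URL and its query string masked.

    requests/urllib3 error messages can embed the request URL. Without this,
    the secret part of the webhook would end up in whatever log collects this
    script's output.
    """
    masked = text
    query = urlsplit(DINGTALK_WEBHOOK).query
    for secret in (DINGTALK_WEBHOOK, query):
        if secret:
            masked = masked.replace(secret, "<redacted>")
    return masked


def send_dingtalk_alert(computer_name, event_id, message):
    """Post one alert to the DingTalk webhook.

    Args:
        computer_name: Host name shown in the alert.
        event_id: Event code shown in the alert.
        message: Event text shown in the alert.

    Returns:
        True when the HTTP call succeeds and the JSON reply has ``errcode`` 0,
        False on any transport, HTTP, or API error (the error is printed to
        stderr).
    """
    headers = {"Content-Type": "application/json"}
    # NOTE(review): all three values are interpolated into markdown unescaped.
    # Event text comes from logs, so whoever can cause a log entry can shape
    # the rendered alert (links, headings, fake fields). Consider escaping or
    # truncating before sending.
    # Line breaks inside this template are reconstructed; the page shows the
    # script collapsed onto a single line.
    markdown_text = f"""## Splunk alert
**computer_name**: {computer_name}
**event_id**: {event_id}
**message**: {message}"""
    payload = {
        "msgtype": "markdown",
        "markdown": {
            "title": "Windows alert",
            "text": markdown_text,
        },
        "at": {
            "isAtAll": False,
        },
    }
    try:
        response = requests.post(
            DINGTALK_WEBHOOK,
            data=json.dumps(payload),
            headers=headers,
            timeout=10,
        )
        # Treat an HTTP error status as a failure instead of trying to parse
        # an error page as JSON.
        response.raise_for_status()
        if response.json().get("errcode") != 0:
            print(f"error: {response.text}", file=sys.stderr)
            return False
        return True
    except Exception as e:
        # Deliberate best-effort boundary: any failure becomes a False return.
        # The message is masked because it may contain the webhook URL.
        print(f"error: {_redact_webhook(str(e))}", file=sys.stderr)
        return False


if __name__ == "__main__":
    # NOTE(review): the alert text quoted at the end of this listing shows
    # search terms ("Type=Error ComputerName=... EventCode=* _time=*") rather
    # than field values, which suggests the caller supplies its own fixed
    # positional arguments. Splunk's legacy "run a script" alert action is
    # documented as passing the event count, search terms, query string,
    # report name, trigger reason, report URL and the path of a results file,
    # not result fields. Confirm against the Splunk version in use and read
    # ComputerName/EventCode/Message from the results file if that is the case.
    try:
        computer_name = sys.argv[1]
        event_id = sys.argv[2]
        event_message = sys.argv[3]
    except IndexError:
        print("Error: Necessary parameters are missing", file=sys.stderr)
        print("Usage: script.py <ComputerName> <EventCode> <Message>", file=sys.stderr)
        sys.exit(1)

    success = send_dingtalk_alert(computer_name, event_id, event_message)
    if not success:
        sys.exit(2)

# Poster's question: "But the content of the alert I received is incorrect, and
# the alert content is what I filtered from the logs, as follows:
#   Splunk Alert Notifications
#   Alarm Event ID: Type=Error ComputerName=RJSER-FILESERIT.abc.com EventCode=* _time=*
#   Alarm event content: Type=Error ComputerName=RJSER-FILESERIT.abc.com EventCode=* _time=*
# How can I modify the script to obtain the correct data?"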