The source code for this app can be found on GitHub:

System requirements

Navigate to "Manage apps" and click "Install app from file".

In order to set up the app, navigate to "Settings" -> "Alert actions". On the setup screen you'll want to supply a Webhook URL. You can obtain this URL by configuring a custom integration for your Slack workspace.

For more information see

Troubleshooting

Known issue with Setup

Setup page shows "I am Legend" setup_stub

An issue after upgrading the Slack Alerts app can cause an invalid redirect from the alert actions listing page to the setup page. Go to "Manage Apps" and click on "Set up" instead of using the Alert actions listing.

Alternatively - to fix it - you can remove the is_configured flag from $SPLUNK_HOME/etc/apps/slack_alerts/local/app.conf and restart Splunk.

In order to investigate problems with the Slack alert action, you can check the logs of the

Navigate to "Settings" -> "Alert actions".
Click on "View log events" for the Slack alert action.

You can also increase the verbosity of logs generated by the alert action by adjusting the

Navigate to "Settings" -> "Server settings" -> "Server logging".
Search for the log channel "sendmodalert".

NOTE: This will cause detailed logs to be produced for all alert actions and might have an
It is not recommended to do this on a production system.

You can manually trigger the slack alert action if you want to verify the configuration and/or preview different parameter combinations.

For example:

| sendalert slack param.channel="#mychannel" param.message="Lorem ipsum"

Enter a similar SPL query into the search bar in the search interface of Splunk to manually send a message.
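
The app.conf fix from the "I am Legend" troubleshooting entry, written as a shell function that keeps a backup and leaves every other setting untouched. This is an added example, not code from the Slack Alerts project; the function name remove_is_configured is hypothetical, and it assumes the flag sits in the [install] stanza of app.conf.

```shell
#!/bin/sh
# Added example: drop the is_configured flag from a Splunk app's local/app.conf.
# Assumption: the flag lives in the [install] stanza of app.conf.

# remove_is_configured FILE
# Returns 0 if the flag was removed, 1 if it was not set, 2 on error.
remove_is_configured() {
    conf=$1
    [ -f "$conf" ] || { echo "not found: $conf" >&2; return 2; }
    tmp=$(mktemp "${conf}.XXXXXX") || return 2

    # Track the current stanza; skip is_configured only inside [install].
    awk '
        /^[ \t]*\[/ { stanza = $0; gsub(/[ \t\r]/, "", stanza) }
        stanza == "[install]" && /^[ \t]*is_configured[ \t]*=/ { next }
        { print }
    ' "$conf" > "$tmp" || { rm -f "$tmp"; return 2; }

    if cmp -s "$conf" "$tmp"; then
        rm -f "$tmp"
        echo "is_configured not set in $conf, nothing to do"
        return 1
    fi

    # Keep a copy of the original, then write through cat so the
    # file keeps its owner and mode.
    cp -p "$conf" "${conf}.bak" || { rm -f "$tmp"; return 2; }
    cat "$tmp" > "$conf" || { rm -f "$tmp"; return 2; }
    rm -f "$tmp"
    echo "removed is_configured from $conf (backup: ${conf}.bak)"
}

# Demo on a constructed app.conf in a temp dir (not a real Splunk install).
demo_dir=$(mktemp -d)
printf '%s\n' '[install]' 'is_configured = 1' 'state = enabled' > "$demo_dir/app.conf"
remove_is_configured "$demo_dir/app.conf"
cat "$demo_dir/app.conf"
rm -rf "$demo_dir"

# On the Splunk host, followed by the restart the text calls for:
#   remove_is_configured "$SPLUNK_HOME/etc/apps/slack_alerts/local/app.conf"
#   "$SPLUNK_HOME/bin/splunk" restart
```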