splunk / slack-alerts

Splunk custom alert action for sending messages to Slack channels
https://splunkbase.splunk.com/app/2878/
Apache License 2.0

Example message template #24

Open jupp0r opened 3 years ago

jupp0r commented 3 years ago

It would be great if you would supply the text that goes into the "Message" field to produce the nice alert you have in the Readme.md (together with a sample query it belongs to). Thanks!

mflpopescu commented 1 year ago

The alert from the readme.md page is something like this:

Message:

Suspicious authentication event detected! :fire: <https://your-link|Create Incident>
\```
Dec 17 text is is a code block. Add three backticks in front of your text
\```

Attachment: - link to alert

Fields: host, clientip_location, ...

reference: https://raw.githubusercontent.com/splunk/slack-alerts/main/screenshots/message_example.png