splunk / slack-alerts

Splunk custom alert action for sending messages to Slack channels
https://splunkbase.splunk.com/app/2878/
Apache License 2.0

Is it possible to display more than one line of alert log in Slack? #30

Open phoxd opened 2 years ago

phoxd commented 2 years ago

Is there a reason the Slack alert action script only displays the first line of the log no matter what, even for mvcombine results?

Specifically this line, https://github.com/splunk/slack-alerts/blob/main/src/app/bin/slack.py#L37

Archana-Karivaratharaj commented 1 year ago

I am also facing the same issue. Though my search query returns more than 1 row of results, only the first row of results is taken by default and sent as an alert notification to my Slack channel from Splunk Enterprise.

I want only one alert to be triggered and for it to show all the results (of the respective selected fields).

Could anyone please help me with this?