Downloading slackalert
MD5 checksum (slackalert_129.tgz) da8730b732769efb2dcba84f3d007cba
MD5 checksum (slackalert_128.tgz) 445cc5bd01bbd25ad99bbeb073a3a8b1
MD5 checksum (slackalert_127.tgz) 63851d51cf685014c385403d8a15fe2b
MD5 checksum (slackalert_126.tgz) 72776e1b3c1c9aa3ad1834615edf8068

slackalert

Send alert messages to Slack. All the Slack attachment fields are fully customizable with fixed values or values from the search results. In addition, this add-on can make use of a proxy regardless of how Splunk is configured.

Full documentation can be found at http://www.github.com/dajomas/slackalert/wiki

slackalert is a custom alert add-on for Splunk to generate Slack messages.

Before this alert can be used, you have to enable incoming webhooks in Slack for the community that is going to receive the alert messages. See https://api.slack.com/incoming-webhooks for details on incoming webhooks for Slack.

If the Trigger setting is set to Once, all result events are combined into a single Slack message. If the Trigger setting is set to For each result, then each result will get its own Slack message.

When using the Trigger setting Once, consider using the slackalert macro system.

When you install the add-on, you can run the setup to configure default values for new alerts.

Both setup and alert configuration consist of the following sections:

* Slack connect settings. Here you configure the URL, hook token and proxy settings.
* Mandatory settings. The add-on requires the search result to contain at least a severity field. The field name can be configured in the alert and defaults to "severity". Here you can also set either the message field or the message itself.
* Optional settings. This section is used to override the channel for the configured webhook.
* Severity color settings. Set the color bar of the Slack message according to the severity value.
* Additional fields. Any field that is returned by the search can be added to the Slack message.
* Message format settings. The last section in the setup and alert configuration contains information that can be used to construct the Slack message. For more information on these fields, see https://api.slack.com/docs/message-attachments.

Release Notes

Version 1.2.9
March 19, 2017

* Replace input tags with splunk tags
* Add functionality to allow for sending all or some search result fields to the Slack message

Version 1.2.8
March 17, 2017

* Default fallback value to message contents
* Switch severity_list input from text box to text area
* Fix severity field parameter in setup.xml
* Fix bug if severity list is empty

Version 1.2.7
March 7, 2017

* Fix location of appIcon files

Version 1.2.6
March 6, 2017

* Bugfix: fix error in import statement

Installs: 38
Downloads: 183
