Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

splunkd.log Warning Logs - Attachment Must be Alert_Link or Message #26

Open
Justangatang opened this issue Sep 13, 2021 · 0 comments
Open

splunkd.log Warning Logs - Attachment Must be Alert_Link or Message #26

Justangatang opened this issue Sep 13, 2021 · 0 comments
Labels
bug

Comments

@Justangatang
Copy link

Justangatang commented Sep 13, 2021
edited
Loading

Every time the Slack Notification Alerts app is called it provides a warning in the splunkd.log file. This seems to occur when the 'Attachment' field in the alert output is set to 'None'

Warning Example:
INFO sendmodalert [416 AlertNotifierWorker-0] - action=slack STDERR - Running python 3
WARN sendmodalert [416 AlertNotifierWorker-0] - action=slack STDERR - Validation warning: Parameter attachment must be ether "alert_link" or "message"
INFO sendmodalert [416 AlertNotifierWorker-0] - action=slack STDERR - Using configured webhook URL:###

Steps to reproduce the behavior:

  1. Create an alert
  2. Set attachment to 'None'
  3. Have the alert generate and send to Slack

Splunk Version 8.2.2
Slack Notification Alerts App v2.2.0

I've also seen this same issue in the Splunk community forum when looking up the message:
https://community.splunk.com/t5/All-Apps-and-Add-ons/Attachment-must-be-ether-alert-link-or-message/m-p/477109
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Justangatang