Educause Security Discussion mailing list archives
Operational question: formatting Splunk alerts
From: Emily Harris <emharris () VASSAR EDU>
Date: Wed, 27 Feb 2019 12:55:20 -0500

I have an operational question for a Splunk expert. We want to re-format our alert emails from Splunk with a custom template so they are more human readable. The idea is that we send certain triggers via email to a non-IT person and the format of that email should be less technical (i.e. the raw or JSON payload).

From what I can tell there are 3 methods:

1. Edit the sendemail.py script directly
2. Launch an external bash script
3. Use a script plugin

Has anyone used any of these methods successfully and can either point me to a really clear "how-to" document or make some time for a consult?

Thank you!

----
Emily Harris, CISSP
Information Security Officer, CIS
Vassar College
845-437-7221