=== Custom Alert Action Webhook Plus ===
Author: my2ndhead
Version/Date: 1.0 / 20160707
Description: Custom alert action that sends all results to a recipient via an HTTP(S) POST request. Supports Basic Authentication.
Usage: Set up the custom alert action through the Setup Page. Enter the HTTP endpoint URL and the user/password for Basic Authentication.
Limitations:
  - Password is stored in cleartext
  - Using the alert action without user/password is possible, but not configurable through the UI
License:
  - This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. [1]
  - Commercial Use, Excerpt from CC BY-NC-SA 4.0:
    "A commercial use is one primarily intended for commercial advantage or monetary compensation."
  - In case of Webhook Plus this translates to:
    - You may use Webhook Plus in commercial environments for handling in-house Splunk alerts
    - You may use Webhook Plus as part of your consulting or integration work,
      if you're considered to be working on behalf of your customer.
      The customer will be the licensee of Webhook Plus and must comply with the license terms
    - You are not allowed to sell Webhook Plus as a standalone product or within an application bundle
  - If you want to use Webhook Plus outside of these license terms, please contact us and we will find a solution
=== Example Payload ===
{
    "owner": "admin",
    "session_key": "e3zGNz5X5a^OWq_X1HvGulywPNpnGnvRBRRDDFmEVoPOnPVKXkDk2h_8^jxaRbnl5YvEpxfZGfGIkVNUWjS0fsKGlN^9O3FZtD3uvLxhDC7eQsSCd_E7e7W8ntP2yPtxjX1TQKWg",
    "sid": "scheduler__admin__search__test_at_1467139140_2714",
    "search_name": "demosearch",
    "server_host": "linux",
    "results_link": "https://linux:8000/app/search/@go?sid=scheduler__admin__search__demosearch_at_1467139140_2714",
    "server_uri": "https://127.0.0.1:8089",
    "results": {
        "field_list": [
            "sourcetype",
            "count"
        ],
        "fields": [
            {
                "count": "10",
                "sourcetype": "splunkd"
            },
            {
                "count": "30",
                "sourcetype": "scheduler"
            }
        ]
    },
    "results_file": "/opt/splunk/var/run/splunk/dispatch/scheduler__admin__search__demosearch_at_1467139140_2714/results.csv.gz",
    "app": "search"
}
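
An endpoint that receives this POST has to check the Basic Authentication header and handle a body that, as the Example Payload shows, carries the search's session_key. The sketch below is an added example for the receiving side, not part of Webhook Plus; the function names, the credentials used with it and the shortened sample body are assumptions.

```python
import base64
import hmac
import json

# Constructed sample shaped like the README's Example Payload
# (shortened; session_key is a placeholder, not a real key).
SAMPLE_BODY = json.dumps({
    "owner": "admin",
    "session_key": "PLACEHOLDER-SESSION-KEY",
    "sid": "scheduler__admin__search__demosearch_at_1467139140_2714",
    "search_name": "demosearch",
    "results": {
        "field_list": ["sourcetype", "count"],
        "fields": [
            {"count": "10", "sourcetype": "splunkd"},
            {"count": "30", "sourcetype": "scheduler"},
        ],
    },
    "app": "search",
})


def basic_auth_ok(header, user, password):
    """Check an Authorization header value against the expected credentials."""
    scheme, _, token = (header or "").partition(" ")
    if scheme.lower() != "basic":
        return False
    try:
        supplied = base64.b64decode(token, validate=True)
    except ValueError:  # malformed base64 or non-ASCII input
        return False
    expected = f"{user}:{password}".encode()
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(supplied, expected)


def parse_alert(body):
    """Return (metadata, rows); session_key is dropped so it is never logged or stored."""
    payload = json.loads(body)
    payload.pop("session_key", None)
    results = payload.pop("results", {})
    columns = results.get("field_list", [])
    # Order each row's values by field_list so columns line up across rows.
    rows = [[row.get(col) for col in columns] for row in results.get("fields", [])]
    return payload, rows
```

Basic Authentication only base64-encodes the credentials, so the receiver should accept these posts over HTTPS only.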
=== References ===
[1] http://creativecommons.org/licenses/by-nc-sa/4.0/