Alerting

How send splunk alerts to netcool?

romattos
New Member

How Can I send alerts from splunk to netcool ? The splunk is able to send alerts to netcool omnibus?

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @romattos,
are yu speaking of IBM netcool?
Did you already explored the SNMP Splunk MA App for Netcool ( https://splunkbase.splunk.com/app/3596/ ) ?

otherwise it isn't so easy because, following the instructions at https://docs.splunk.com/Documentation/Splunk/6.2.1/alert/SendingSNMPtrapstoothersystems (as you can see it's old!), you have to create a perl script because in the 0 fields related to a fired alert you can find the url of a zipped files that contains the results of the search but you cannot send it to Netcool and you have to unzip it and add to one of the eight fields.

Ciao.
Giuseppe

0 Karma

romattos
New Member

Hi Giuseppe.

Yes . I want to send to IBM Netcool Omnibus. Is it possible? Do you have more details?

Thanks!!

0 Karma

hgehrts_splunk
Splunk Employee
Splunk Employee

Hi!
yes, it's possible. And there are several ways of doing this. The easiest might be
https://docs.splunk.com/Documentation/Splunk/8.0.2/Alert/AlertWorkflowOverview
where an alert action triggers a script that sends information into an Omnibus Probe.

best
Henning

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...