
Run a script alert action
The run a script alert action is officially deprecated. It has been replaced with custom alert actions as a more scalable and robust framework for integrating custom actions. See About custom alert actions for implementation and migration information. |
If you have Splunk Enterprise, you can run an alert script when an alert triggers. Select Run a script from the Add Actions menu. Enter the file name of the script that you want to run.
For example, you can configure an alert to run a script that generates a Simple Network Management Protocol (SNMP) trap notification. The script sends the notification to another system such as a Network Systems Management console. You can configure a different alert that runs a script that calls an API, which in turn sends the triggering event to another system.
- Note: For security reasons, place all alert scripts in either of the following locations:
-
$SPLUNK_HOME/bin/scripts
$SPLUNK_HOME/etc/<AppName>/bin/scripts
-
For details on alert script configuration in savedsearches.conf
for a shell script or batch file that you create, see Configure scripted alerts in this manual.
PREVIOUS Monitor triggered alerts |
NEXT Using custom alert actions |
This documentation applies to the following versions of Splunk Cloud Platform™: 8.2.2106, 8.2.2112, 8.2.2201, 8.2.2202, 8.2.2203, 9.0.2205, 9.0.2208, 9.0.2209 (latest FedRAMP release)
Feedback submitted, thanks!