You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11 lines
772 B
11 lines
772 B
[lookup_entity_contact_details(3)]
|
|
args = entity_key, alarm, severity
|
|
definition = lookup itsi_entities _key as entity_key OUTPUT _itsi_informational_lookups \
|
|
| eval _itsi_informational_lookups = mvfilter(match(_itsi_informational_lookups, "alert_*")) \
|
|
| rex field=_itsi_informational_lookups "(alert_routing=(?<t_alert_routing>.*))?(alert_email=(?<t_alert_email>.*))?(alert_oncall_routing_key=(?<t_alert_oncall_routing_key>.*))?(alert_custom_param=(?<t_alert_custom_param>.*))?(alert_snow_assignment_group=(?<t_alert_snow_assignment_group>.*))?" \
|
|
| foreach t_* [| eval <<MATCHSTR>>=coalesce(<<MATCHSTR>>,<<FIELD>>)]
|
|
iseval = 0
|
|
|
|
[itew_get_splunk_base_uri]
|
|
definition = "Update macro itew_get_splunk_base_uri with Splunk Base URI. (I.E. https://splunkserver)"
|
|
iseval = 0 |