A Service that pushes notification to different channels.
Teams notification screenshot:
docker-compose up --build ntt-data-notification-serviceThis should spin up the ntt-data-notification-service and the latest docker image of Splunk locally.
To modify the ports the app is running on, simply change the port mappings in the docker-compose file.
Optional: If not running the application through docker, you can set a property in application.properties if you would like to customize the port your app runs on:
server.port=${PORT:<PORT>}Once the application is running, the frontend page should be accessible at http://localhost:<PORT>/alert. If not altered, this should be port 6060 on your local machine.
In order to see the mocha frontend unit test results locally, navigate to http://localhost:<PORT>/alert/testrunner.html.
Once you have Splunk and the notification service running locally, you'll need to setup the actual webhook to send notifications to your favourite Teams/RocketChat channels. Follow the following steps to set this up:
-
Navigate to your local Splunk instance at
http://localhost:<LOCAL_SPLUNK_PORT>. Via docker this port is defaulted to 7000. -
To try out an example log, type the following as a search in Splunk:
index="_audit"
| eval message="Some message about something"
| table message source-
Click Save As and select Alert.
-
Provide a title, set it to run on a cron schedule and provide a valid cron expression as per your frequency needs.
- Add actions:
Webhook
Add to Triggered Alerts
-
In order to generate the Webhook URL, navigate to the application frontend, type in at least one valid Teams/RocketChat URL and a valid token (present in the
application.ymlfile) and copy the generated base64encoded URL. -
Paste this value into Splunk. If running the application via docker, this url will need to be modified. Replace
localhost:6060
with
172.20.0.6:8080
-
Press Save.
-
Click View Alert.
NOTE: Make sure to disable this alert once done testing if it is only for testing purposes.