Solved: Add Alert for Dashboard Panel

tkwaller · ‎04-09-2014

Hello

I'm trying to add an alert to a dashboard panel: here is the base search:
index=name app_name=API brokerId=* operation=purchase earliest=-4h | xmlkv | timechart span=10min count by transactionType | eval NRTPCT=(NonRealTime/(RealTime+NonRealTime))*100 | eval RTPCT=(RealTime/(RealTime+NonRealTime))*100

What I would like to alert on is when the NRTPCT goes over 2%

I haven't figured out the conditional search for the alert to use.

Can anyone help?

tkwaller · ‎04-10-2014

Nevermind, changed the base search, added a new field for eval and used that field to determine the conditional search for the alert.

View solution in original post

tkwaller · ‎04-10-2014

Nevermind, changed the base search, added a new field for eval and used that field to determine the conditional search for the alert.

Add Alert for Dashboard Panel

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Data Management Digest – May 2026

Index This | What is feather-light but cannot be held long?

.conf26 Registration is Live: Secure Your Early Bird Pass Now

Join the Conversation