Solved: Add Alert for Dashboard Panel

tkwaller · ‎04-09-2014

Hello

I'm trying to add an alert to a dashboard panel: here is the base search:
index=name app_name=API brokerId=* operation=purchase earliest=-4h | xmlkv | timechart span=10min count by transactionType | eval NRTPCT=(NonRealTime/(RealTime+NonRealTime))*100 | eval RTPCT=(RealTime/(RealTime+NonRealTime))*100

What I would like to alert on is when the NRTPCT goes over 2%

I haven't figured out the conditional search for the alert to use.

Can anyone help?

tkwaller · ‎04-10-2014

Nevermind, changed the base search, added a new field for eval and used that field to determine the conditional search for the alert.

View solution in original post

tkwaller · ‎04-10-2014

Nevermind, changed the base search, added a new field for eval and used that field to determine the conditional search for the alert.

Add Alert for Dashboard Panel

Can’t make it to .conf25? Join us online!

What Is Splunk? Here’s What You Can Do with Splunk

Level Up Your .conf25: Splunk Arcade Comes to Boston

Manual Instrumentation with Splunk Observability Cloud: How to Instrument Frontend ...

Are you a member of the Splunk Community?

Add Alert for Dashboard Panel

Can’t make it to .conf25? Join us online!

What Is Splunk? Here’s What You Can Do with Splunk

Level Up Your .conf25: Splunk Arcade Comes to Boston

Manual Instrumentation with Splunk Observability Cloud: How to Instrument Frontend ...