I have installed the Alert Manager app and followed the documentation for installation.
I have Splunk 7.2.4 on a single-instance server and the Alert Manager 2.2.0 add-on. I also installed Python for Scientific Computing in Splunk.
After these steps, I created an index in my Splunk instance:
| Name | Type | App | Current Size | Max Size |
|---|---|---|---|---|
| alerts | Events | alert_manager | 1MB | 500GB |
In the Alert Manager app's Settings > Global Settings menu, I applied the following configuration:
Index: alerts
Default Owner: unassigned
Default Priority: low
Number of incidents show in incident posture: 20
- Save incident results to KVStore (checked)
- Index incident results (Not checked)
- Automatically close informational events (Not checked)
Status to use for automatically closed informational events: auto_info_resolved
Alert Action Defaults
Impact: low
Urgency: low
After applying this configuration, I went to my Machine Learning Toolkit Splunk application and generated an alert with the parameter Trigger Actions:
When triggered:
- Add to Triggered Alerts
- Alert Manager
Title: Test
Impact: low
Urgency: low
Owner: Unassigned
But with all this configuration, nothing appears in the alerts index or in the Alert Manager dashboard.
Any idea?