- Find Answers
- :
- Using Splunk
- :
- Other Using Splunk
- :
- Alerting
- :
- Re: Alerts: when writing a report what are the imp...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Alerts: when writing a report what are the important parameters
When writing a report, please let me know the important parameters and how they should be set without a mistake.
We are triggering alerts through git savedsearches and it further updates saved searches in spunk server. I want to check the validations for the saved searches.conf folder on git. What should the correct format be?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Okay, your question is so broad that probably the only thing that would effectively answer it is an entire several hour course in report writing with splunk. If you have not yet taken the free splunk fundamentals course, please do that immediately.
We have no idea what kind of report you are writing, what kinds of "parameters" you might be referring to, and so on.
Please describe your use case. You are writing a report about...? You are attempting to save the report and cause it to run on a schedule...? You are worried that it might not be set to run with the correct parameters...? What did you try to do, and what actually happened...?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
like whoever is creating an alert should not make any error , so I wan to give them the right format .
how can I do it .
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
we are triggering alerts through git savedsearches and it further updates saved searches in spunk server . I want to check the validations for the saved searches.conf folder on git. what the correct format should be.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hi @rajneeshc1981 . Thanks for providing more info on your problem. I'm going to go ahead and move this info up into your question, so users can get a better picture of what you need help with.
Also, please check out the Splunk Answer user manual, and read up on how to best ask a question on the forum. If you want a question answered, it is very important that you give us a ton of information describing what your problem is. Otherwise, users won't be able to help!
You can check out that manual here. Good luck!!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
what? where? why? when? how? who?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
like what are the exceptions on that folder where I am saving the report
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Check if the permissions are given properly.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
checked ...I want to see if thee are any exceptions
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I don't think anyone gets what you need help with. Try telling us more about what you want to do or where you need help with.
Enterprise Security Content Update (ESCU) | New Releases
Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?
Index This | What are the 12 Days of Splunk-mas?
