Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Closed alert status with time when it was triggered first time

shoyeb
Observer
‎04-02-2021 02:22 AM

Hi everyone

I need a query to check the alert status close with time and when the same alert got triggered 1 st time in Splunk  it may be 1 week before and now we r closing same alert can be triggered multiple time so need an historical data of the alert with current status closed time

 

 

 

Thanks in advance

Labels (1)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Forwarders and Forced Time Based Load Balancing

Splunk customers use universal forwarders to collect and send data to Splunk. A universal forwarder can send ...

NEW! Log Views in Splunk Observability Dashboards Gives Context From a Single Page

Today, Splunk Observability releases log views, a new feature for users to add their logs data from Splunk Log ...

Last Chance to Submit Your Paper For BSides Splunk - Deadline is August 12th!

Hello everyone! Don't wait to submit - The deadline is August 12th! We have truly missed the community so ...