Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Find the historical execution of alerts and sending email status

Julia1231
Communicator
‎12-28-2022 03:34 AM

Hi everyone,

I am searching a way to have a list of every alert (sending email) goes along with: schedule (cron), last run,  send email (sent or not)

Until now I can find this list of info but still not success to have the last run and send email

 

 

|rest/servicesNS/-/App_name/saved/searches
| fields title disabled actions alert.severity cron_schedule action.email.to action.email.bcc is_schedule max_concurrent next_schedule_time run_n_times
| where disabled=0 
|where actions="email"
|table title cron_schedule action.email.to action.email.bcc is_schedule max_concurrent next_schedule_time run_n_times

 

 

Anyone has an idea, please? 

Thanks in advanced!

Labels (3)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

The Transformative Power of AI and ML in Enhancing Observability   In the realm of IT operations, the ...

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...