Alerting

How to be notified by Splunk?

ric_flair_wcw
New Member

Hi experts,

I'd like my application to be alerted by Splunk if there is a problem.
I don't want to develop a monitoring submodule in my application as Splunk is already running in our department.
So how can I send alerts from Splunk to my app? What interface does Spunk have (REST, SOA, ...)? Can this communication go on a secure channel (HTTPS)?

Thank you!
V.

Tags (2)
0 Karma

saramamurthy_sp
Splunk Employee
Splunk Employee

You can always build your alerts and when these alers meet the condtion i.e the alert value reaching >1 then these alerts will be triggered and you will get the notifications in the form the email.

You can set these alerts, you can reffer to the below document which will help you to understand more.
https://docs.splunk.com/Documentation/UnixApp/5.2.5/User/Createcustomalerts

And if you are looking out which is the app that can help you for your requirement, I would suggest you to use the Rest API, you can download these in the below link.

LINK : https://splunkbase.splunk.com/app/1546/

You can configure it using the below link.

https://docs.splunk.com/Documentation/AddonBuilder/2.2.0/UserGuide/ConfigureDataCollection

0 Karma

arjunpkishore5
Motivator

You can use web hooks to your application - https://docs.splunk.com/Documentation/Splunk/7.1.3/Alert/Webhooks

If this doesn't meet your needs, you can always build custom alert actions tailored to your application.

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi ric_flair_wcw,
splunk has REST API that can go on https.
Splunk can report if there are problems until it's running; at the same time it can send an heartbeat to your application.

Ciao.
Giuseppe

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...