Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to create an website monitoring alert?

Germaine1989
Engager
‎10-10-2022 11:15 PM

Hello,

I have some websites I monitor.
I want to receive an alert when a website is not available more than 15 minutes.
Can you help me create a query for that?

Labels (2)
Labels
0 Karma
Reply

GaetanVP
Contributor
‎10-11-2022 12:34 AM

Hello @gcusello,

I agree with you, just for my curiosity, would you setup the alert like this ?

GaetanVP_0-1665473552547.png

Thanks for your posts that I always enjoy to read !

Regards,
GaetanVP  

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎10-11-2022 02:18 AM

Hi @GaetanVP,

yes, it's correct.

Ciao.

Giuseppe

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎10-11-2022 12:20 AM

Hi @Germaine1989,

I suppose that when your website is down you don't have any log from it, in this case you can create a simple alert

index=<your_index> host=<your_host>

to run every 10 minutes, the alert must fire if you don't have results.

If instead you continue to have logs from that host, you have to identify the logs that demonstarte that the log is up, and then insert this additional condition to the above search.

Ciao.

Giuseppe

Reply

Germaine1989
Engager
‎10-11-2022 12:49 AM
  • Thanks for you answer.

    I dont know what you mean with your_index
    I don't have any specific index for the Website Monitoring Add on.
0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎10-11-2022 02:16 AM

Hi @Germaine1989,

you surely archive the logs from the website in one or more indexes that I don't know: "<your_index>" means this or these index/es.

Ciao.

Giuseppe

 

0 Karma
Reply

Germaine1989
Engager
‎10-11-2022 02:50 AM

i have found something.

what can i set up as a condition?

Trigger Conditions

I want to trigger an alert when a website is failed more than 15 minutes.

Germaine1989_0-1665481813194.png

 

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎10-11-2022 02:55 AM

@Germaine1989,

as I said, you have to create a search that usually has results, and that the condition "results=0" is the firing condition.

then you can create the alert firing with the condition results=0.

in the search you have to define a time period of 15 minutes and schedule the alert every 15 minutes.

Ciao.

Giuseppe

0 Karma
Reply
Get Updates on the Splunk Community!

Updated Team Landing Page in Splunk Observability

We’re making some changes to the team landing page in Splunk Observability, based on your feedback. The ...

New! Splunk Observability Search Enhancements for Splunk APM Services/Traces and ...

Regardless of where you are in Splunk Observability, you can search for relevant APM targets including service ...

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

The Transformative Power of AI and ML in Enhancing Observability   In the realm of IT operations, the ...