Alerting
Highlighted

How to schedule search without generating any alert every time it runs?

Communicator

I am scheduling a search to run every minute. I see the splunk generates an alert every time it runs. I don't want this alert. I see some of the scheduled search which ships with the search app, they never generates these alerts though they run every 15 minutes though alert configuration option for these search are Always. If I configure my search with same settings, it generates an alert whenever it runs

0 Karma
Highlighted

Re: How to schedule search without generating any alert every time it runs?

Builder

What does alert means? Email? Could you explain what you want to prevent from being generated?

0 Karma
Highlighted

Re: How to schedule search without generating any alert every time it runs?

Communicator

Search and report page (on splunk UI) has an Alert column. I see that number is increasing every time my search run as per the schedule. But for the similar settings for the searches shipped with Search App do not generate an alert. Alert settings for those searches are 'always' and retain the alert for 24 hour.

0 Karma
Highlighted

Re: How to schedule search without generating any alert every time it runs?

Communicator

My Bad. I didn't see the Tracking option checked. I need to unchek that.

View solution in original post

0 Karma