Re: Schedule alert for different time zones

hvoynova · ‎08-04-2020

Hello,

I have an alert which is scheduled to run at 8 AM every day using a cron expression. It checks events from different site locales.

Since this alert must be scheduled for different regions (EU, APAC, NA, etc.), is it possible to run the alert independently for each time zone?

(example: daily alerts that run at 8AM to be able to run their checks at 8AM in each market's timezone)

Regards

aashiqwork · ‎08-04-2020

Create a local Splunk user called TZ_London, login as that user and set his Time zone so that Splunk knows how to interpret Timepicker values like Today and Yesterday, etc. by clicking TZ_London -> Settings -> Time zone. Then clone the report so that TZ_London owns it and it runs as him with his Time zone setting. This way Splunk handles Daylight Savings and everything else.

https://community.splunk.com/t5/Alerting/How-to-configure-alert-based-on-other-timezones/td-p/450777

Hope this helps !!!

Thanks

Schedule alert for different time zones

alert action

alert condition

cron

Tech Talk Recap | Mastering Threat Hunting

Observability for AI Applications: Troubleshooting Latency

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

Are you a member of the Splunk Community?