Alerting

Setting up an audible alarm with workflow action

gpburgett
Splunk Employee
Splunk Employee

We have installed Splunk in a service control center and have monitoring and alerting set up for several content servers. The alerting and everything works fine, I was just curious about what other custom things we could do with the workflow actions. Here's what I'm thinking:

Would it be possible to set up a workflow action that triggers a popup or maybe even an audible alarm on my workstation(Search Head) when the alert conditions are met?

Our customer is interested in this, and I think other people in similar control/monitoring centers might be interested in this functionality too. It seems like it should be possible, but it will take somebody smarter than me to figure it out. Please give me any ideas you might have about where to get started.

Tags (2)
0 Karma
1 Solution

gpburgett
Splunk Employee
Splunk Employee

I guess I should've looked a little harder before posting:

See:

Audio Alerts on Client Browser. Is it Possible? -by Maverick

blogs/audiblealerts

View solution in original post

0 Karma

tedder
Communicator

While you could do it client-side, the best way might be to fire off a script when conditions are met. In other words, do a saved search that only fires off with your specific condition, and plumb that into something that will play music or fire a beep.

It depends on if you are on linux or windows, what is installed, etc, but it should be easy to do with a simple line of shell/batch. For instance, "start c:\alert.mp3" on Windows or "mpg123 /alert.mp3" on linux. FSVO mpg123 of course!

0 Karma

gpburgett
Splunk Employee
Splunk Employee

I guess I should've looked a little harder before posting:

See:

Audio Alerts on Client Browser. Is it Possible? -by Maverick

blogs/audiblealerts

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...