Solved: Splunk Alert.

gpunjabi · ‎03-20-2019

I want to create a Splunk Alert if there no log generated from source file means Cron-Job Not Run.

How would be my search query will look like?

richgalloway · ‎03-20-2019

You must first have your cron logs indexed in Splunk. Write a search that looks for a successful run of the cron job. Trigger an alert if the number of results from that search is zero.

---
If this reply helps you, Karma would be appreciated.

View solution in original post

richgalloway · ‎03-20-2019

You must first have your cron logs indexed in Splunk. Write a search that looks for a successful run of the cron job. Trigger an alert if the number of results from that search is zero.

---
If this reply helps you, Karma would be appreciated.

somesoni2 · ‎03-20-2019

+1

For sample search, see answer by @martin_mueller in following post
https://answers.splunk.com/answers/151532/how-to-create-an-alert-if-no-data-is-generated-from-a-host...

Splunk Alert.

Splunk MCP & Agentic AI: Machine Data Without Limits

Finding Based Detections General Availability

Get Your Hands Dirty (and Your Shoes Comfy): The Splunk Experience

Join the Conversation

Splunk Alert.

Splunk MCP & Agentic AI: Machine Data Without Limits

Finding Based Detections General Availability

Get Your Hands Dirty (and Your Shoes Comfy): The Splunk Experience