Splunk false alerts

p_gurav · ‎05-29-2017

Hi,

Splunk started sending false alerts since today morning even though aler condition hasn't been triggsered. Once we re-enable alert those are working fine.
Can anybody please help what could be the reason behind this as this is become severity one issue in Splunk Production Environment?

Thanks in advance. 🙂

rajanala · ‎10-25-2021

Any updates ?

Any recommendations on how to troubleshoot the issue of false alerts during the OS patching of the Splunk servers (Indexers/SearchHeads) ?

renjujacob88 · ‎09-12-2017

Can you please provide us more information. Is the alert configured as notable event. if that is the case ,you nee to check your throttling parameters

woodcock · ‎05-29-2017

Get a better description, get a diag file, add the bug tag to this Question, and open a Support Case.

niketn · ‎05-29-2017

Which version of Splunk did it happen?

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"

p_gurav · ‎05-29-2017

Splunk 6.4.0

p_gurav · ‎05-29-2017

Can somebody please help?

harsmarvania57 · ‎05-29-2017

If it's severity 1 then I'll suggest to raise case with splunk support.

Splunk false alerts

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

Splunk Observability for AI

🔐 Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler

Are you a member of the Splunk Community?

Splunk false alerts

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

Splunk Observability for AI

🔐 Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler