Alerting
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

To reset/delete the alerts at configurable time.

AditiKulkarni
New Member
‎05-20-2015 02:24 AM

With built-in functionality of splunk, we can set the alert expiration time to 6hrs, 12hrs etc.
But is there a way to delete all the alerts raised during a day at particular time and can we keep that time configurable?
e.g. I want to reset/delete all the alerts raised during a day at 23:59:59, how can this be achieved?

0 Karma
Reply

vganjare
Builder
‎05-20-2015 02:46 AM

Can you please check the answer provided in https://answers.splunk.com/answers/208712/is-there-an-easy-way-to-use-the-rest-api-to-disabl.html

Thanks!!

0 Karma
Reply

SwatiApte
Path Finder
‎06-09-2015 01:29 AM

Hi,

As per a Business requirement, we want to be able to automatically delete all Alerts triggered on the previous Business Day, at the start of each Business Day. For eg. at the start of the current day, let us say 9th June 00:01:00, we want to delete all the triggered alerts triggered between 8th June 00:00:00 to 8th June 23:59:59.

Could you please let us know if this could be the correct way of doing it? The following query works, but we do not know the impact it could have, or if it is correct to use it.

index=_audit earliest=-1d@d latest=@d action=alert_fired ss_app= | delete

0 Karma
Reply

AditiKulkarni
New Member
‎05-24-2015 09:38 PM

Thank you for the answer but, i don't need to disable the alerts in the particular window but, need to delete all the alerts raised (in triggered alerts window) within day at a particular configurable time.

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...