Alerting

How to set up the configuration to get the alert notification in real time?

mdoadmin
New Member

I created a real-time alert for a search query; the action is sending an email for each result. But the alert email did not arrive, even though the search query triggered. It started to send emails only after two days, and alerts are continuously sending only for the alert setup date. So how do I set up the configuration to get the alert notification in real time?

0 Karma

DavidHourani
Super Champion

Hi @mdoadmin,

First, configure your real-time alert as shown here:
https://docs.splunk.com/Documentation/SplunkCloud/latest/Alert/DefineRealTimeAlerts

Then make sure your email configuration is done properly, as follows:
https://docs.splunk.com/Documentation/SplunkCloud/7.2.6/Alert/Emailnotification

Finally, test, test and let us know if it's working.

PS: avoid using real-time alerts, as they consume a lot of compute and in most cases can be replaced by an alert that runs every 5 or even 10 minutes, depending on the required response time in your SLA.

Cheers,
David

0 Karma

VatsalJagani
SplunkTrust

Have you gone through this?

0 Karma

mdoadmin
New Member

Followed those steps but still could not get the expected result.

0 Karma