All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Alert Manager: How do I get the "tags" field populated?

daniel333
Builder
‎04-25-2016 09:51 PM

All,

Just playing around with the Alert Manager app from Splunkbase. Not sure how I get the "tags" field populated? It's not a tags.conf field it seems? Seems it gathered somehow in the data model?

thanks!

Reply

Simon
Contributor
‎04-25-2016 10:50 PM

Hi daniel

You already gave the answer yourself.
For all the other folks:
Besides the custom alert settings, which can't be changed after an incident has been generated, there are some addition properties which can be changed by alert under Settings -> Incident Settings. These settings apply also for already existing incidents, that's why they are separated from the general alert action settings.

Hope that answers your question.
Simon

0 Karma
Reply

Simon
Contributor
‎04-25-2016 10:48 PM

Hi Daniel
I'm afraid it's not possible but this is a great idea!
I just created an enhancement request. Have a look at https://github.com/simcen/alert_manager/issues/123 to track progress.

Thanks
Simon

0 Karma
Reply

daniel333
Builder
‎04-25-2016 10:09 PM

Oh! i see it's an option under incident settings in the GUI. Is there a way to generate this value from my search?

0 Karma
Reply
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...