All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Alert Manager: How do I get the "tags" field populated?

daniel333
Builder
‎04-25-2016 09:51 PM

All,

Just playing around with the Alert Manager app from Splunkbase. Not sure how I get the "tags" field populated? It's not a tags.conf field it seems? Seems it gathered somehow in the data model?

thanks!

Reply

Simon
Contributor
‎04-25-2016 10:50 PM

Hi daniel

You already gave the answer yourself.
For all the other folks:
Besides the custom alert settings, which can't be changed after an incident has been generated, there are some addition properties which can be changed by alert under Settings -> Incident Settings. These settings apply also for already existing incidents, that's why they are separated from the general alert action settings.

Hope that answers your question.
Simon

0 Karma
Reply

Simon
Contributor
‎04-25-2016 10:48 PM

Hi Daniel
I'm afraid it's not possible but this is a great idea!
I just created an enhancement request. Have a look at https://github.com/simcen/alert_manager/issues/123 to track progress.

Thanks
Simon

0 Karma
Reply

daniel333
Builder
‎04-25-2016 10:09 PM

Oh! i see it's an option under incident settings in the GUI. Is there a way to generate this value from my search?

0 Karma
Reply
Get Updates on the Splunk Community!

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...

Cloud Platform & Enterprise: Classic Dashboard Export Feature Deprecation

As of Splunk Cloud Platform 9.3.2408 and Splunk Enterprise 9.4, classic dashboard export features are now ...