All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Issue wtih Alert Manager Add-On for Splunk Cloud?

rdiazalo
Observer
‎11-18-2022 01:51 AM

Hi,

I got an issue configuring alert manager app. The incident posture filter is not working.

rdiazalo_0-1668764760203.png

It does not matter what info I change inside the red box. The alerts that are shown below does not change at all.

Any help will be grateful.

Labels (1)
Labels
Tags (1)
0 Karma
Reply

rohe
Observer
‎01-22-2023 12:49 AM

Hi @gcusello ,

What could be the problem for me?

I can't define a user

Bildschirmfoto 2023-01-22 um 09.18.33.png

Bildschirmfoto 2023-01-22 um 09.19.37.png

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎01-23-2023 12:26 AM

Hi @rohe,

sorry I didn't see this error.

Please could you share a screenshot in english, you can do this replacing the language in the link with "en-US".

Ciao.

Giuseppe

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎11-18-2022 01:54 AM

Hi @rdiazalo,

to see alerts in Alert Manager, you have to configure all your alerts as Global, otherwise you don't see in this App.

If you found some error in JS execution, there's a message that you can find on the GitHub site.

Ciao.

Giuseppe

 

0 Karma
Reply

rdiazalo
Observer
‎11-18-2022 02:07 AM

Hi @gcusello

Al the alerts are in global.

rdiazalo_0-1668765584664.png

I can see al the alerts on the dashboard. What I cannot do is to filter them. If I choose to just see the ones with new status, it still show me all the alerts.  In this example I select to just see critical alerts in the las 24 hours but it still shows me all alerts of the last 24 hours.

rdiazalo_1-1668765898809.png

 

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎11-18-2022 02:24 AM

Hi @rdiazalo,

it's strange I haven't your behaviour:

gcusello_0-1668766915534.png

and the only customization I did was the Global sharing.

Which version are you using? I'm using 3.0.11.

Ciao.

Giuseppe

0 Karma
Reply

rdiazalo
Observer
‎11-18-2022 02:46 AM

This are the version of alert manager that I have:

rdiazalo_0-1668768008519.png

 

I made a health test and find that TA- alert_manager got a warning. 

rdiazalo_1-1668768242557.png

What version of Alert Manager Add-on do you have?

 

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎11-18-2022 02:54 AM

Hi @rdiazalo,

I haven't the Add-On.

Ciao.

Giuseppe

0 Karma
Reply

rdiazalo
Observer
‎11-21-2022 03:24 AM

Hi @gcusello ,

I have perform a restart today to delete Alert manager Add-On but the filter still don't work. 

Did you change any query or something for it to work?

Regards 

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎11-21-2022 04:52 AM

Hi @rdiazalo,

No I didn't, the only customization was the Global sharing for all alerts.

Ciao.

Giuseppe

0 Karma
Reply

rdiazalo
Observer
‎12-07-2022 01:54 AM

Hi @gcusello ,

I found what the issue was. 

I had an issue importing the query.

Can you send me your Search String? I think that my query still has some issues. So I would like to compare mine with yours.

rdiazalo_0-1670406783255.png

Regards,

Tags (1)
0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...