How do I configure Splunk to notify me by email when the connection to the database is cut and it cannot continue indexing data? I use DB Connect.

Best regards.

0 Karma


An alternative to this method, to make it very configurable: you can set it so that if no event is generated in 24 hours, Splunk sends a notice, but if no event is generated in 72 hours, a danger email is sent.
Could there perhaps be a better alternative?

0 Karma

Super Champion

It actually works very efficiently for me because I'm using dbx to monitor database logging. We use a tailing method and therefore the dbx is checking on a schedule, and each time dbx checks the database it generates a log entry. If we lose the connection to the database then we get an alert, and when the database is connected we are guaranteed that there will be events.

0 Karma


Great, thank you very much, lukejadamec!

With regard to the method that you mention, I do not know if it's very efficient, because you have to trust that every day, 24 hours a day, the DB will be generating at least one event... In case it did not, the alert would begin to annoy, taking the sense away from the notice.

0 Karma


Great, thank you very much!

0 Karma


Super Champion

You can create a search like:
index=yourdbxindex source=yourdbxsource

Save the search.

Create an Alert for the search:

Time: -15m@m now

Schedule: Cron 0 */1 * * *

Condition: If number of events is less than 1

Send Email: Enable

Email Address: your email address

This will check once an hour for data from your dbx source. Change the cron schedule to adjust the frequency.

Super Champion

For some reason the Cron schedule was truncated. It should read zero space star slash one space star space star space star

0 Karma
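
The alert settings from the answer above, written as `savedsearches.conf` stanzas, with the 24-hour notice and 72-hour danger tiers raised earlier in the thread added as two more stanzas. This is an added example, not part of the original posts; the stanza names and e-mail address are placeholders, and the severity levels and suppression periods are assumptions.

```ini
# savedsearches.conf (added example; stanza names, index, source and
# e-mail address are placeholders to replace with your own values)

# Hourly check from the answer: alert when the DB Connect input has
# produced no events in the last 15 minutes.
[DBX input silent - hourly check]
search = index=yourdbxindex source=yourdbxsource
dispatch.earliest_time = -15m@m
dispatch.latest_time = now
enableSched = 1
cron_schedule = 0 */1 * * *
counttype = number of events
relation = less than
quantity = 1
action.email = 1
action.email.to = you@example.com

# Tier 1 of the 24h/72h idea: a notice after 24 hours without events.
# Suppression (assumed period) keeps the hourly schedule from mailing
# the same notice every hour while the input stays silent.
[DBX input silent - 24h notice]
search = index=yourdbxindex source=yourdbxsource
dispatch.earliest_time = -24h@h
dispatch.latest_time = now
enableSched = 1
cron_schedule = 0 */1 * * *
counttype = number of events
relation = less than
quantity = 1
alert.severity = 3
alert.suppress = 1
alert.suppress.period = 24h
action.email = 1
action.email.to = you@example.com

# Tier 2: a danger e-mail after 72 hours without events.
[DBX input silent - 72h danger]
search = index=yourdbxindex source=yourdbxsource
dispatch.earliest_time = -72h@h
dispatch.latest_time = now
enableSched = 1
cron_schedule = 0 */1 * * *
counttype = number of events
relation = less than
quantity = 1
alert.severity = 5
alert.suppress = 1
alert.suppress.period = 24h
action.email = 1
action.email.to = you@example.com
```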