All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Website Monitoring Alert: host to set exclude_from_alerts

afx
Contributor
‎04-07-2020 01:58 AM

Hi,
in the alert for the Website Monitoring app, there is a check:
tag!="exclude_from_alerts"
Which seems to control exclusion of a specific site from alerts.
But I have no idea how to set this up.
Setting
tag=exclude_from_alerts
or
exclude_from_alerts=true
both just result in Errors in the log.

thx
afx

0 Karma
Reply

jwiedow
Communicator
‎04-23-2020 06:35 AM

The exclude_from_alerts tag is defined in the tags.conf file as the eventtype filter_website_monitoring_alerts. You will find the search definition for this in eventtypes.conf. Right now the search is set to FILL_THIS_SEARCH_IN.

Update the search definition to be what you would like either by adding the stanza to a local/eventtypes.conf or through the Settings|Event Types in the UI.

You can also create additional eventtype definitions and associate those with the tag exclude_from_alerts as well.

0 Karma
Reply
Get Updates on the Splunk Community!

Dashboards: Hiding charts while search is being executed and other uses for tokens

There are a couple of features of SimpleXML / Classic dashboards that can be used to enhance the user ...

Splunk Observability Cloud's AI Assistant in Action Series: Explaining Metrics and ...

This is the fourth post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how ...

Brains, Bytes, and Boston: Learn from the Best at .conf25

When you think of Boston, you might picture colonial charm, world-class universities, or even the crack of a ...