All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Website Monitoring Alert: host to set exclude_from_alerts

afx
Contributor
‎04-07-2020 01:58 AM

Hi,
in the alert for the Website Monitoring app, there is a check:
tag!="exclude_from_alerts"
Which seems to control exclusion of a specific site from alerts.
But I have no idea how to set this up.
Setting
tag=exclude_from_alerts
or
exclude_from_alerts=true
both just result in Errors in the log.

thx
afx

0 Karma
Reply

jwiedow
Communicator
‎04-23-2020 06:35 AM

The exclude_from_alerts tag is defined in the tags.conf file as the eventtype filter_website_monitoring_alerts. You will find the search definition for this in eventtypes.conf. Right now the search is set to FILL_THIS_SEARCH_IN.

Update the search definition to be what you would like either by adding the stanza to a local/eventtypes.conf or through the Settings|Event Types in the UI.

You can also create additional eventtype definitions and associate those with the tag exclude_from_alerts as well.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...