Building for the Splunk Platform

Home page should be alert page

cyber_Maddy
Engager

cyber_Maddy_0-1634031428384.png

The default page needs to be changed, after login to Splunk I should be directed to all the triggered alert page. 

Eg: below are the triggered alert, After login I should be able to see the alert which is triggered with time seviarity and other common information and after analyzing I should be able to close the triggered alert. Can any one please guide me on this ?

cyber_Maddy_1-1634031539755.png

 

Labels (4)
0 Karma

Stefanie
Builder

You can use a search like this to create a dashboard for your homepage.

index=_audit action=alert_fired ss_app=* | eval ttl=expiration-now() | search ttl>0 | convert ctime(trigger_time) | table trigger_time ss_name severity | rename trigger_time as "Alert Time" ss_name as "Alert Name" severity as "Severity"
0 Karma
Get Updates on the Splunk Community!

Happy CX Day to our Community Superheroes!

Happy 10th Birthday CX Day!What is CX Day? It’s a global celebration recognizing innovation and success in the ...

Check out This Month’s Brand new Splunk Lantern Articles

Splunk Lantern is a customer success center providing advice from Splunk experts on valuable data insights, ...

Routing Data to Different Splunk Indexes in the OpenTelemetry Collector

This blog post is part of an ongoing series on OpenTelemetry. The OpenTelemetry project is the second largest ...