Dashboards & Visualizations
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Alert trigger condition token

ryhluc01
Communicator
‎01-04-2019 11:09 AM

Is there a token for trigger conditions? The trigger condition option within the alert only tells you the type (i.e numbered or custom) of condition but not the content of the condition.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

ryhluc01
Communicator
‎01-14-2019 08:27 AM

I was not able to find a token for this purpose. I ended up just manually typing in my condition instead

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

ryhluc01
Communicator
‎01-14-2019 08:27 AM

I was not able to find a token for this purpose. I ended up just manually typing in my condition instead

0 Karma
Reply
Solved! Jump to solution

niketn
Legend
‎01-04-2019 05:59 PM

@ryhluc01 please elaborate your question for the need of token for the community to assist you better. Can Custom trigger condition help you in any way?

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
0 Karma
Reply
Solved! Jump to solution

ryhluc01
Communicator
‎01-07-2019 07:00 AM

Thank you, I was essentially looking for a quick way to insert the content for my triggered condition directly into the email without having to manually type it out. I was hoping there was a token to use instead.

We have tokens for all sorts of things but I have not found one that will grab the content of the alert trigger.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Detection Engineering Office Hours: Real-World Troubleshooting & Q&A

[REGISTER HERE] This thread is for the Community Office Hours session on Detection Engineering Office Hours: ...

Developer Spotlight with Mika Borner

From Hackathon Winner to Enterprise Leader    Mika Borner, CEO and Founder of Datapunctum AG, has been ...

Continue Your Federation Journey: Join Session 3 of the Bootcamp Series

To help practitioners build a stronger foundation, we launched the Data Management & Federation ...