- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How to write query for analytics of reports and alerts?
Dear Colleagues
Help write a query to get data about all reports and alerts
I need to get information e.g.
1. Execution time of each report and alert
2. How much does a completed report and alerts
and stuff like that
tried to find information in the monitoring console
But did not find information about each report and alert
I will be grateful !
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content

Settings -> Monitoring Console -> Search -> Activity -> Search Activity: Deployment
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@woodcock
Hi!
I see their information only about the searches themselves
I need analytics about reports and alerts
thanks for your reply!)
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content


Hi @gitingua ,
using the following search using REST API
| rest /servicesNS/-/MYAPP/saved/searches
you list all the savedsearches you have in your Splunk Environment.
Then you can filter them for status (enabled or disables) if they are alerts or reports, etc... and then you can define which information display (e.g. title, search, status, etc...=
Ciao.
Giuseppe
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @gcusello
I looked at your example
But that's not what I was looking for
I need report and alert analytics.
Eg:
average run time and stuff like that
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content


