| | Good day for everyone,I've built multiple use-cases through correlation search.The concern here , I am getting multip... 0 3 | 0 | 3 | |
| | Hello, If I have a detector in Splunk Observability posting notifications to Slack, is it possible to configure it in... 0 1 | 0 | 1 | |
| | We received all alerts from Splunk Cloud with sender alerts@splunkcloud.com.Can we change the sender to other domain?... 0 3 | 0 | 3 | |
| | Hello everyone,I’ve encountered a problem while setting up a correlation search. For instance, when I use the followi... 0 6 | 0 | 6 | |
| | I have an alert saved that is straight forward. The search is:index=mydata action=blockI have it on a cron schedule a... 0 2 | 0 | 2 | |
| | Dear Splunk community,I have a search in Splunk that generates results:index="myindex" message_id="AU2" | stats count... 0 3 | 0 | 3 | |
| | Good Day All, I'm looking for assistance on how to create a Triggered Alert when a certain percentage number in a... 0 8 | 0 | 8 | |
| | I have both Chinese and English field names from the Windows event log, and I would like to use field aliases so that... 0 1 | 0 | 1 | |
| | Has anyone been able to use the "| sendalert risk ..." command from the correlation search query, even when the searc... 0 4 | 0 | 4 | |
| | Recently we migrated Splunk search head from VM to physical machine. Splunk ES Version: 9.0.3In Splunkd.log We could ... 0 12 | 0 | 12 | |
| | 06-26-2017 15:30:54.878 +0200 WARN sendmodalert - action=sendmail_action - Alert action script returned error code=3... 1 5 | 1 | 5 | |
| | Build Query to Show history of alert management to include Analyst Name, Status, Time in Analysts' queue - Hello, we ... 0 2 | 0 | 2 | |
| | Hello Splunk colleagues!I'm trying to create a new correlation search that generates a notable event, and uses a fiel... 0 1 | 0 | 1 | |
| | Hi All,Trying to configure an alert that runs on the first Sunday only of every month, specifically at 9:30am.I put t... 0 3 | 0 | 3 | |
| | Hi every oneI have a schedule search which will run every day .But some times it going into failed state .Is there an... 0 1 | 0 | 1 | |
| | Hello Splunkers! I’m trying to build an alert for failed authentications that looks the number of occurrences in the... 6 7 | 6 | 7 | |
| | We operate by using scheduled searches to periodically search through logs collected by Splunk, and trigger actions w... 0 3 | 0 | 3 | |
| | We have a very vanilla SC4S configuration that has been working flawlessly with a cron job to do "service sc4s restar... 2 3 | 2 | 3 | |
| | I always get 403 Forbidden when logging in to www.splunk.com.However, when I login from office network, it is ok. Thi... 0 1 | 0 | 1 | |
| | I would like to have Splunk send a GET request to a web page whenever an alert is triggered. I can do this from the S... 0 4 | 0 | 4 | |
| | Hi there, I'm looking to setup an automated email that will trigger any time a new alert comes into Incident Review i... 0 2 | 0 | 2 | |
| | Hi,I would like to get the latest search record or multiple search combination.For example, if my search is as belowi... 0 4 | 0 | 4 | |
| | I am getting the following error message whenever I try to login to my Splunk test environment: user=************** i... 0 5 | 0 | 5 | |
| | I would like to monitor changes made to roles. Most specifically I want to create an alert when the can_delete role ... 1 13 | 1 | 13 | |
| | I have a scheduled report for the previous day's data that gets emailed. I'm trying to include the previous days date... 0 9 | 0 | 9 | |
