Reporting
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Suppression of custom splunk alert during specific time on daily basis

prateeksawhney
Explorer
‎09-16-2020 10:41 PM

Hi All,

I have created a custom alert in splunk and I want to put a suppression window in that alert on daily basis from 12am UTC -7am UTC. How can this be achieved? from cron expression or adding something to the original query?

Please help!!!

Labels (1)
Labels
0 Karma
Reply

thambisetty
SplunkTrust
SplunkTrust
‎09-18-2020 01:16 AM

you need to schedule same search multiple times with different cron jobs

*/15 8-23 * * *

The above schedules job except below schedules

00:00,00:15........................,07:00,[07:15,07:30,07:45]

you need only three schedules from above the ones enclosed in []

another cron to schedule job to run  at  07:15,07:30,07:45. 

so you will need total 2 different cron schedules  as below

*/15 8-23 * * * 

15,30,45 7 * * *

 

————————————
If this helps, give a like below.
Reply

thambisetty
SplunkTrust
SplunkTrust
‎09-16-2020 11:00 PM

what is the frequency of schedule and should 12 AM UTC - 7 AM UTC be excluded from schedule?

————————————
If this helps, give a like below.
Reply

prateeksawhney
Explorer
‎09-17-2020 07:16 PM

yes correct, frequency is 15 mins, monday to friday.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...

Fun with Regular Expression - multiples of nine

Fun with Regular Expression - multiples of nineThis challenge was first posted on Slack #regex channel ...