Reporting

Trigger alert not seen as email notification for some events?

Veeru
Path Finder

on 11th October we had 5 events, but we received only 2 email notification.

 

Below the 5 events of the alert for Yesterday (11th Oct)

 

1            2022-10-11 23:30:04 BST             View Results

2            2022-10-11 23:00:05 BST             View Results

3            2022-10-11 22:30:04 BST             View Results

4            2022-10-11 22:00:02 BST             View Results

5            2022-10-11 14:00:02 BST             View Results

 

But we received email notification only for 1st and 5th event. No email notification for 2nd 3rd and 4th. Could please help us for this discrepancy since we had Client impact and caused so many transactions failures and for issues event was generated but email was not trigged.

Can help me how to resolve this issue

Thank you,
Veeru

Labels (1)
Tags (1)
0 Karma
1 Solution

isoutamo
SplunkTrust
SplunkTrust

Hi

have you or your client configured a grace period for that alert? If that's the situation then just you need to change that if. you want alerts for all of those.

Another option is that there is some issues with email servers. You should understand that email is not a reliable (100%) method for alerting. You could look from _internal if those emails have sent like

index=_internal sourcetype=splunkd sendemail

You could add another search word if needed.

r. Ismo 

View solution in original post

isoutamo
SplunkTrust
SplunkTrust

Hi

have you or your client configured a grace period for that alert? If that's the situation then just you need to change that if. you want alerts for all of those.

Another option is that there is some issues with email servers. You should understand that email is not a reliable (100%) method for alerting. You could look from _internal if those emails have sent like

index=_internal sourcetype=splunkd sendemail

You could add another search word if needed.

r. Ismo 

Veeru
Path Finder

Thanks @isoutamo 

I found what's the  solution.

Happy Splunking!

0 Karma

ktsiagas
New Member

Hi @Veeru

as i am afraid that i have the same issue with you, could you please inform us what have you done to fix the problem?

Best Regards.

Tags (1)
0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...