Reporting

Trigger alert not seen as email notification for some events?

Veeru
Path Finder

on 11th October we had 5 events, but we received only 2 email notification.

 

Below the 5 events of the alert for Yesterday (11th Oct)

 

1            2022-10-11 23:30:04 BST             View Results

2            2022-10-11 23:00:05 BST             View Results

3            2022-10-11 22:30:04 BST             View Results

4            2022-10-11 22:00:02 BST             View Results

5            2022-10-11 14:00:02 BST             View Results

 

But we received email notification only for 1st and 5th event. No email notification for 2nd 3rd and 4th. Could please help us for this discrepancy since we had Client impact and caused so many transactions failures and for issues event was generated but email was not trigged.

Can help me how to resolve this issue

Thank you,
Veeru

Labels (1)
Tags (1)
0 Karma
1 Solution

isoutamo
SplunkTrust
SplunkTrust

Hi

have you or your client configured a grace period for that alert? If that's the situation then just you need to change that if. you want alerts for all of those.

Another option is that there is some issues with email servers. You should understand that email is not a reliable (100%) method for alerting. You could look from _internal if those emails have sent like

index=_internal sourcetype=splunkd sendemail

You could add another search word if needed.

r. Ismo 

View solution in original post

isoutamo
SplunkTrust
SplunkTrust

Hi

have you or your client configured a grace period for that alert? If that's the situation then just you need to change that if. you want alerts for all of those.

Another option is that there is some issues with email servers. You should understand that email is not a reliable (100%) method for alerting. You could look from _internal if those emails have sent like

index=_internal sourcetype=splunkd sendemail

You could add another search word if needed.

r. Ismo 

Veeru
Path Finder

Thanks @isoutamo 

I found what's the  solution.

Happy Splunking!

0 Karma

ktsiagas
New Member

Hi @Veeru

as i am afraid that i have the same issue with you, could you please inform us what have you done to fix the problem?

Best Regards.

Tags (1)
0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...