Share a Tip
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Health Rules & Dashboards & Alerts Oh My! - Quick Tip

Aram_Gasparyan
Engager
‎02-24-2021 12:15 PM

Quick Tip: When creating a health rule that will alert teams, make sure the same health rule is used in an "eyes-on-screen" dashboard. Do not create 2 different health rules – one for alerting and the other for dashboard viewing.

Why?

Over time, health rules will be tweaked and optimized in order to separate the signal from the noise. This constant update to health rules will ensure that the appropriate alerts are being sent. So, if you have two health rules for each (alert and on-screen) then making sure both health rules are synched becomes an enterprise-level maintenance issue.

And as anticipated, when the health rules do get out of sync ->

the dashboard will show a red status light ->
with no alerts going out to the appropriate teams or vice versa

Typographical edits |
Claudia Landivar, Community Manager and Editor

Reply
Get Updates on the Splunk Community!

Uncovering Multi-Account Fraud with Splunk Banking Analytics

Last month, I met with a Senior Fraud Analyst at a nationally recognized bank to discuss their recent success ...

Secure Your Future: A Deep Dive into the Compliance and Security Enhancements for the ...

What has been announced?  In the blog, “Preparing your Splunk Environment for OpensSSL3,”we announced the ...

New This Month in Splunk Observability Cloud - Synthetic Monitoring updates, UI ...

This month, we’re delivering several platform, infrastructure, application and digital experience monitoring ...