Re: Search for Alert Monitoring. - Page 2

AL3Z · ‎12-13-2023

hello,

Could anyone assist me in creating a correlation search to detect triggered alerts across all searches. This will enable us to monitor counts and automatically notify us if any situation escalates beyond control.

Thanks

gcusello · ‎12-14-2023

Hi @AL3Z,

this is the training:

https://www.splunk.com/en_us/training/course-catalog.html?filters=filterGroup4SplunkEnterpriseSecuri...

Ciao.

Giuseppe

AL3Z · ‎12-14-2023

@gcusello ,

Its look like a paid course by any chance it there any link of free course ?

gcusello · ‎12-14-2023

Hi @AL3Z,

yes except the first, they are all paid courses.

Ciao.

Giuseppe

gcusello · ‎12-14-2023

Hi @AL3Z ,

No, you have only to define the asset (or the identity) in the correlation search.

In other words, in the results of your CS you must have an asset (or the identity) and define this field for the risk score.

Ciao.

Giuseppe

Search for Alert Monitoring.

monitoring console

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Data Management Digest – May 2026

Join the Conversation

Search for Alert Monitoring.

monitoring console

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Data Management Digest – May 2026