Splunk Enterprise

How to get Splunk alerting for Admins during on-call for free?

justynap_ldz
Path Finder

Hello Splunk Admins,

What solutions you use to get notified on mobile about internal Splunk issues in out of office hours?
I mean when e.g. splunkd goes down on indexers, data is not indexed anymore for any reason etc.
We need something free of charge. There is no other team except of us who needs to be notified about the issue.
I have heard about Splunk On Call solution but seems to be a bit complex. Anyone having any experience with it?
Hope to get some inspirations

Many greetings,
Justyna

Labels (2)
Tags (1)
0 Karma

kkong_splunk
Splunk Employee
Splunk Employee

(Full disclaimer: I'm the product manager for Splunk Mobile)

 

Splunk Mobile is a free app for Android or iOS that allows you to send push notifications to your phone based on the alerts in Enterprise. We actually had a user that we featured in our breakout session this year (PLA1488A) at .conf22 who used Mobile alerts to monitor his indexers, and was able to catch them going down on a weekend because of Splunk Mobile. 

You can configure alerts to be sent to a specific role, so if you already have a Splunk role setup for the folks on your team, you can send alerts to that role to receive them on mobile.

 

Documentation on getting started with Splunk Mobile is here:  https://docs.splunk.com/Documentation/Alerts/2.31.1/Alerts/GetStarted

Documentation on alerts specifically is here: https://docs.splunk.com/Documentation/Alerts/2.31.1/Alerts/SendAlerts

An overview of what Splunk Mobile looks like is here: https://www.youtube.com/watch?v=FOHwU00IVUE&ab_channel=Splunk

0 Karma
Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...