Splunk Enterprise

Is it possible to export alerts from splunk cloud?

Dayane_tr
Path Finder

Hi everyone,

I would like to know if it is possible to export the alerts created in the splunk cloud instance.

I want to export the queries for each alert at once.

It's possible?

Regards 🙂

Labels (3)
Tags (2)
0 Karma
1 Solution

seemanshu
Explorer

Hi Dayane_tr,

In Splunk Cloud, you could submit a support ticket asking for the app's savedsearches.conf files.

You could learn more about the alert configurations in savedsearches.conf files, here Configure alerts in savedsearches.conf - Splunk Documentation.

If this reply helps you, an upvote would be appreciated.

View solution in original post

seemanshu
Explorer

Hi Dayane_tr,

In Splunk Cloud, you could submit a support ticket asking for the app's savedsearches.conf files.

You could learn more about the alert configurations in savedsearches.conf files, here Configure alerts in savedsearches.conf - Splunk Documentation.

If this reply helps you, an upvote would be appreciated.

isoutamo
SplunkTrust
SplunkTrust

Hi

You could try this one, even it has developed on OnPrem version. You must have REST api enabled on your SC stack to use this.

r. Ismo

0 Karma

Dayane_tr
Path Finder

Hi @isoutamo 

Sorry, I didn't understand your explanation.

 

D.

0 Karma

isoutamo
SplunkTrust
SplunkTrust

This presentation shows to you how to make backup from splunk environment over REST API. I suppose that it works also with splunk cloud stack, but I haven’t test it.

sorry, I forget to add link here https://www.google.fi/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjA6NSLpaz4AhUiCRAIHUY_AO8QF...

Get Updates on the Splunk Community!

Ready, Set, SOAR: How Utility Apps Can Up Level Your Playbooks!

 WATCH NOW Powering your capabilities has never been so easy with ready-made Splunk® SOAR Utility Apps. Parse ...

DevSecOps: Why You Should Care and How To Get Started

 WATCH NOW In this Tech Talk we will talk about what people mean by DevSecOps and deep dive into the different ...

Introducing Ingest Actions: Filter, Mask, Route, Repeat

WATCH NOW Ingest Actions (IA) is the best new way to easily filter, mask and route your data in Splunk® ...