I'm new to Splunk Enterprise, I did some searching and reporting for file log data, and from them, I implemented alerting and it worked well. Is it possible to make my alert show up in Monitoring Console Splunk Enterprise?
When I open the Splunk Enterprise Monitoring Console, all the searching and alert that I made not show up there, how to make my searching and alert that I made it show up in Monitoring Console?
Pict 1: Search and Alert in Monitoring Console (no search and alert that I made)
Pict 2: Search and Alert I made
what is your role. I guess, You need admin rights to move knowledge objects across apps.
If its not possible create the alert in MC app using run a search.
The alert has to be created in monitoring console to show up. Since it is already created you can move it to monitoring console app.
Edit -> move -> select "monitoring console"
If this helps, up vote is appreciated.
what is your role. I guess, You need admin rights to move knowledge objects across apps.
If its not possible create the alert in MC app using run a search.
I am Admin,
I did and still not show up in "Alert Setup" Menu MC, only the default alert MC is show up
please check settings -> searches, reports and alerts
Okay, it appeared!
So, the alert will be able to run in monitoring console automatically?
Yes!!! It should run in monitoring console app.
Did the search run? what is the schedule?
From the image shared, It looks like the alert has been scheduled every monday 6am.
So I need to wait untill tomorrow at 6 am?
okay, thx so much !