Splunk IT Service Intelligence

Can Splunk IT Service Intelligence (ITSI) send email alerts?

Jarohnimo
Builder

So I've setup Splunk IT Service Intelligence (ITSI) and am interested in setting up Email Alerts with ITSI (if possible)

So far I've been looking into the Multi-KPIAlerts via: https://docs.splunk.com/Documentation/ITSI/2.5.1/User/CreateMulti-KPIAlerts. This creates correlated searches that ultimately create "Notable events" but what about email alerts?

I see the benefit of Multi-KPIAlerts but is there anyway to get an email sent each time a notable event is happens? Or is ITSI able to send out email alerts period?

0 Karma
1 Solution

ehudb
Contributor

According to this doc:

http://docs.splunk.com/Documentation/ITSI/2.4.1/User/CreateCorrelationSearch

ITSI saves the alerts as a correlation search.
You can find the corresponding correlation search to your multiKPIAlert and add an email action there.

View solution in original post

aaraneta_splunk
Splunk Employee
Splunk Employee

@Jarohnimo - Did the answer provided by ehudb help provide a working solution to your question? If yes, please don't forget to resolve this post by clicking "Accept". If no, please leave a comment with more feedback. Thanks!

0 Karma

ehudb
Contributor

According to this doc:

http://docs.splunk.com/Documentation/ITSI/2.4.1/User/CreateCorrelationSearch

ITSI saves the alerts as a correlation search.
You can find the corresponding correlation search to your multiKPIAlert and add an email action there.

Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...