- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
So I've setup Splunk IT Service Intelligence (ITSI) and am interested in setting up Email Alerts with ITSI (if possible)
So far I've been looking into the Multi-KPIAlerts via: https://docs.splunk.com/Documentation/ITSI/2.5.1/User/CreateMulti-KPIAlerts. This creates correlated searches that ultimately create "Notable events" but what about email alerts?
I see the benefit of Multi-KPIAlerts but is there anyway to get an email sent each time a notable event is happens? Or is ITSI able to send out email alerts period?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
According to this doc:
http://docs.splunk.com/Documentation/ITSI/2.4.1/User/CreateCorrelationSearch
ITSI saves the alerts as a correlation search.
You can find the corresponding correlation search to your multiKPIAlert and add an email action there.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@Jarohnimo - Did the answer provided by ehudb help provide a working solution to your question? If yes, please don't forget to resolve this post by clicking "Accept". If no, please leave a comment with more feedback. Thanks!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
According to this doc:
http://docs.splunk.com/Documentation/ITSI/2.4.1/User/CreateCorrelationSearch
ITSI saves the alerts as a correlation search.
You can find the corresponding correlation search to your multiKPIAlert and add an email action there.
