Splunk ITSI
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

I want my threshold value to change with time and search result Splunk ITSI

aishwaryabh
New Member
‎06-02-2020 08:52 PM

Hi, I am looking for an email in KPI ad-hoc search which is supposed to arrive at -7-15am. if it doesn't arrive at 07:15 i want KPI threshold to go amber and if i don't receive it till 07:45(30 mins later) I want my threshold value to turn red. Only when the email arrives values changes to green.

Any help appreciated. Thanks

Labels (1)
Labels
0 Karma
Reply

anilchaithu
Builder
‎06-15-2020 07:35 AM

you can configure time based KPI thresholds along with base/adhoc search. Please refer this page

https://docs.splunk.com/Documentation/ITSI/4.5.0/SI/TimePolicies

0 Karma
Reply
Get Updates on the Splunk Community!

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Unleash Unified Security and Observability with Splunk Cloud Platform

     Now Available on Microsoft AzureThursday, March 27, 2025  |  11AM PST / 2PM EST | Register NowStep boldly ...

Splunk AppDynamics with Cisco Secure Application

Web applications unfortunately present a target rich environment for security vulnerabilities and attacks. ...