Splunk ITSI
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk action to trigger and run a script to do autohealing

jaracan
Communicator
‎02-02-2025 08:19 PM

Hi,

Our project is planning to have Splunk ITSI to do batch monitoring from Control M jobs and have autohealing as well. Would that be feasible with Splunk ITSI? Does Splunk ITSI have capabilities to take action like running a custom script to force restart, or force OK a Control M job once conditions are met to be ? Looking forward to your insights.

Labels (1)
Labels
0 Karma
Reply

Esky73
Builder
‎02-02-2025 08:49 PM

yep .. we are doing just that - 1st you need to capture a batch job failing - this can be done in a number of ways such as writing the batch status to a log file to capture failures.
- Then monitor that log file and create a KPI
- Create a custom alert action that runs a batch job restart

- in the neap create the logic that when the KPI picks up a failing batch job then trigger the custom alert action

- then you need another correlation search to capture the batch job being successful and correlate with the KPI returning to normal to complete the cycle

0 Karma
Reply

jaracan
Communicator
‎02-03-2025 09:53 PM

Hi @Esky73 , thank you for your insights.

Can you provide details on the custom alert action that runs a batch job restart? Is the script being run from Splunk to Control M server? or the script is present on the Control M server, and Splunk have a way to trigger it externally?

0 Karma
Reply
Get Updates on the Splunk Community!

Blueprints for High-Maturity Operations: Splunk Lantern Articles on SOAR, ES 8.4, ...

Splunk Lantern is Splunk’s customer success center that provides practical guidance from Splunk experts on key ...

Simplifying the Analyst Experience with Finding-based Detections

    Splunk invites you to an engaging Tech Talk focused on streamlining security operations with ...

[Puzzles] Solve, Learn, Repeat: Word Search

This challenge was first posted on Slack #puzzles channelThis puzzle is based on a letter grid containing ...