Splunk action to trigger and run a script to do au...

jaracan · ‎02-02-2025

Hi,

Our project is planning to have Splunk ITSI to do batch monitoring from Control M jobs and have autohealing as well. Would that be feasible with Splunk ITSI? Does Splunk ITSI have capabilities to take action like running a custom script to force restart, or force OK a Control M job once conditions are met to be ? Looking forward to your insights.

Esky73 · ‎02-02-2025

yep .. we are doing just that - 1st you need to capture a batch job failing - this can be done in a number of ways such as writing the batch status to a log file to capture failures.
- Then monitor that log file and create a KPI
- Create a custom alert action that runs a batch job restart

- in the neap create the logic that when the KPI picks up a failing batch job then trigger the custom alert action

- then you need another correlation search to capture the batch job being successful and correlate with the KPI returning to normal to complete the cycle

jaracan · ‎02-03-2025

Hi @Esky73 , thank you for your insights.

Can you provide details on the custom alert action that runs a batch job restart? Is the script being run from Splunk to Control M server? or the script is present on the Control M server, and Splunk have a way to trigger it externally?

Splunk action to trigger and run a script to do autohealing

using ITSI

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

What’s New in Splunk Observability – September 2025

Fun with Regular Expression - multiples of nine

Are you a member of the Splunk Community?

Splunk action to trigger and run a script to do autohealing

using ITSI

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

What’s New in Splunk Observability – September 2025

Fun with Regular Expression - multiples of nine