Splunk ITSI
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk action to trigger and run a script to do autohealing

jaracan
Communicator
‎02-02-2025 08:19 PM

Hi,

Our project is planning to have Splunk ITSI to do batch monitoring from Control M jobs and have autohealing as well. Would that be feasible with Splunk ITSI? Does Splunk ITSI have capabilities to take action like running a custom script to force restart, or force OK a Control M job once conditions are met to be ? Looking forward to your insights.

Labels (1)
Labels
0 Karma
Reply

Esky73
Builder
‎02-02-2025 08:49 PM

yep .. we are doing just that - 1st you need to capture a batch job failing - this can be done in a number of ways such as writing the batch status to a log file to capture failures.
- Then monitor that log file and create a KPI
- Create a custom alert action that runs a batch job restart

- in the neap create the logic that when the KPI picks up a failing batch job then trigger the custom alert action

- then you need another correlation search to capture the batch job being successful and correlate with the KPI returning to normal to complete the cycle

0 Karma
Reply

jaracan
Communicator
‎02-03-2025 09:53 PM

Hi @Esky73 , thank you for your insights.

Can you provide details on the custom alert action that runs a batch job restart? Is the script being run from Splunk to Control M server? or the script is present on the Control M server, and Splunk have a way to trigger it externally?

0 Karma
Reply
Get Updates on the Splunk Community!

SplunkTrust Application Period is Officially OPEN!

It's that time, folks! The application/nomination period for the 2025 SplunkTrust is officially open! If you ...

Splunk Answers Content Calendar, June Edition II

Get ready to dive into Splunk Dashboard panels this week! We'll be tackling common questions around ...

Splunk Observability Cloud's AI Assistant in Action Series: Auditing Compliance and ...

This is the third post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how to ...