Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Alert scheduler question- How to run in seconds?

metylkinandrey
Communicator
‎10-20-2022 04:53 AM

Good afternoon! I figured out how to set up alerts. Understood with the parameter: Cron Expression.

Currently I am using: */1 * * * * (run every minute).

Tell me how to run in seconds, I tried a lot of options, but the splunk swears - it gives an error. How, for example, to run every 30 or 40 seconds?

 

Thanks in advance!

Labels (1)
Labels
Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

johnhuang
Motivator
‎10-20-2022 05:34 AM

Cron jobs do not support seconds -- I'm not sure why you need to run something this frequent? 

View solution in original post

Reply
Solved! Jump to solution
Solution

johnhuang
Motivator
‎10-20-2022 05:34 AM

Cron jobs do not support seconds -- I'm not sure why you need to run something this frequent? 

Reply
Solved! Jump to solution

metylkinandrey
Communicator
‎10-20-2022 05:36 AM

Understood thanks!
Well, how to say, for demos and testing, such intervals are convenient.

0 Karma
Reply
Solved! Jump to solution

johnhuang
Motivator
‎10-20-2022 05:41 AM

You can try scheduling it as a real time search which causes it to run continously and process data as it comes in.

Tags (1)
0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In November, the Splunk Threat Research Team had one release of new security content via the Enterprise ...

Index This | Divide 100 by half. What do you get?

November 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Stay Connected: Your Guide to December Tech Talks, Office Hours, and Webinars!

❄️ Celebrate the season with our December lineup of Community Office Hours, Tech Talks, and Webinars! ...