Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to get Splunk triggered alerts results url?

spl_unker
Explorer
‎08-30-2022 02:02 AM

Hi Splunkers ,

 

Im trying to build a dashboard to capture all the triggered alerts with some custom actions to be applied for each alert

Im trying to make a table with  Alert Name , Alert triggered Time and Alerts results URL(which we actually get in an email when we enable  email notification)

I would like to know how to get url for each triggered alert results and pass that into a dashbaord....so that users can view that results by clicking that link and take actions based on that

 

 

Labels (1)
Labels
0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎08-30-2022 07:38 AM

Hi

you can try something like this. 

index=_audit TERM(action=alert_fired)
| eval alert_url = "http://localhost:8000/en-GB/app/" . ss_app . "/%40go?sid=" . sid
| table _time alert_url ss_app ss_name alert_actions

Replace http://localhost:8000/en_GB/ with your SH proto + name + port + lang.

r. Ismo 

0 Karma
Reply
Get Updates on the Splunk Community!

Announcing Scheduled Export GA for Dashboard Studio

We're excited to announce the general availability of Scheduled Export for Dashboard Studio. Starting in ...

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...