Splunk Search
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Is it possible to add the same action to all of the alerts in one time?

sarit_s
Communicator
‎03-28-2023 02:41 AM

Hello

I need to add alert action to many alerts,
Is it possible to add the same action to all of the alerts in one time ?

 

Thanks

Tags (2)
0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎03-28-2023 05:52 AM

No, it is not possible.

I would do it once in the UI, then edit savedsearches.conf in the relevant app and copy the changes to the other alerts.  Then restart the SH.  If you have a SHC, make the changes on the deployer and apply the shbundle.

---
If this reply helps you, Karma would be appreciated.
Reply
Get Updates on the Splunk Community!

Mastering Data Pipelines: Unlocking Value with Splunk

 In today's AI-driven world, organizations must balance the challenges of managing the explosion of data with ...

The Latest Cisco Integrations With Splunk Platform!

Join us for an exciting tech talk where we’ll explore the latest integrations in Cisco + Splunk! We’ve ...

AI Adoption Hub Launch | Curated Resources to Get Started with AI in Splunk

Hey Splunk Practitioners and AI Enthusiasts! It’s no secret (or surprise) that AI is at the forefront of ...
Top