...ot use Splunk Add-on Builder and simply manually edit the alert_actions.conf, app.conf and UI etc. The Python script under the bin folder of the app fetches the payload and reads the host field and based on t...
I am trying to create a Splunk alert for duplicate data and would like some help in creating the Splunk search. The data looks something like this for a given search time duration
Server P...
Hello. I created an alert (based off a search I wrote) within one of my Splunk apps. I tested the alert out and it works. The problem is that I cannot find the alert name in my list of alerts. I t...
Hi Guys,
In my project environment, every splunkd is installed using the splunk user. So I need to create an alert if any splunkd on any Splunk server (enterprise or UF) gets started with root or any o...
I have users creating alerts in our DEV space and I was wondering if those are stored in a .CONF stanza that I can pick up and use to migrate to production?
If they are, where are they stored and is t...
Hi at all,
I created a Splunk cluster, created an alert on the main search, but I could not find it in the alerts.
I click "alert" on the navigation bar, it has been constantly in the refresh, W...
Hi
I have a date format in logs as below.
Expiry date : Sun Apr 11 05:00:00 MST 2021
I need to create an alert if the expiry date is less than 90 days from today.
This is what I tried w...
Hello Fellow Splunkers!
The goal is to create ServiceNow Incidents/Events exclusively from Splunk Enterprise alerts using the Custom Alert action (we do not have Splunk ES or Splunk ITSI*)...