...hanged-save-searches-alert-cron-schedule-with-rest-api-bash/m-p/559595
What I have done:
| rest /servicesNS/-/-/saved/searches
| search disabled = 0 AND action.email = 1 AND i...
Hi All, Long time lurker, first time poster. I'm the admin of our Splunk instance and I can't see an alert my colleague (of a lesser permission'ed role) created. AFAIK, the alert is set to p...
...nvoking modular alertaction=logevent for search="6005"
I feel like it is a permission issue but not sure what else I can change.
Splunk Enterprise V7.0 and also on V7.1.3
I have just added 2 new alertactions in Splunk. I verified that the permissions on the alertaction are read for everyone, and the app for that alertaction is shared to everything. I am unable to s...
We're trying to set up some searches/alerts when someone makes a change to mailboxes on Exchange Online. I'm still learning SPL, but I'm having some issues with this particular one.
Splunk gets t...
I have a customer that needs a group of non-Splunk admin users to be able to create and manage custom alertactions. I don't see any capabilities specific to that function.
Is there a way to g...
Hi @gcusello , User is complaining that she is unable to view the alert. The following error she is getting. Is there any permission issue? Regards, Rahul
Hello, I have created a custom alertaction app as specified in the Splunk development documentation. I also created another more basic app to test and am still having the same issue. The issue is t...
Hello,
I have a python script as an alertaction.
I could not make it work until I changed the owner of the alert to admin. Even when the owner had the admin role, the script was not called.
I...