×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Dubzerino
Explorer
Member since: ‎03-21-2014
‎06-05-2020
Community Statistics
Posts 4
Solutions 0
Karma Given 0
Karma Received 1
Member Since ‎03-21-2014
View All

Re: Any way to only list triggers that garnered a ...

by in Alerting
‎03-24-2014 01:42 AM
‎03-24-2014 01:42 AM
p.s. I do feel that I drafted my original posting badly, but my attempts to reword it have been repeatedly thwarted by the insane, misfiring Captcha. ... View more

Re: Any way to only list triggers that garnered a ...

by in Alerting
‎03-24-2014 01:41 AM
‎03-24-2014 01:41 AM
Thanks for the reply Martin. I actually do have the condition set to > 0. Unfortunately, the Trigger History lists all times that the alert was triggered, regardless of whether or not any results were found. You need to click on individual rows to find out how many results lie within, which is very inefficient. In my opinion, the ability to filter 'zero result' rows out of the list would be great; or even a visual cue on each row to tip users off about how many results lie within. ... View more

Re: Any way to only list triggers that garnered a ...

by in Alerting
‎03-21-2014 12:26 PM
‎03-21-2014 12:26 PM
Thanks for the reply. To elaborate slightly. my alert searches the logs once per-hour for errors. Most hours, it finds none. But if I login to Splunk and click on the alert, I am presented with Trigger History Listing, each row of which offers no clue as to whether it pertains to an hour when errors were found, or not. So I have to trawl the rows, clicking and expanding them in search of hours when errors did occur. This is tedious, because I don't care about hours during which no errors occurred. As explained, having the alert send emails isn't currently an option. Any other possibilities? ... View more

Any way to only list triggers that garnered a resu...

by in Alerting
‎03-21-2014 10:12 AM
1 Karma
‎03-21-2014 10:12 AM
1 Karma
Hi, I have an alert which periodically searches for errors in my application's logs. For reasons I won't bore anybody with, emailing from Splunk is currently disabled in my organisation. I similarly am unlikely to be granted access to avail of the 'Run a Script' action. This only leaves 'List in Triggered Alerts'. I wouldn't mind this so much, if the list didn't include alerts that reaped zero results. I find that I have to repeatedly, tediously click on individual rows of the listing to find out whether there are any results inside. Any way to only have the trigger list contain rows that reaped more than zero results? Any and all advice, greatly appreciated, All the Best, Dub p.s. am I dreaming, or did the sign-up process for this community force me to select "Yes, I would like to receive newsletters etc"? If you can't opt out, why even make it a radio button? Never seen a registration form take that approach in my life... ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma from
View All