×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
snchow
New Member
Member since: ‎04-11-2019
‎06-05-2020
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎04-11-2019
View All

Re: Setting up alert to send email when an web ser...

by in Alerting
‎04-16-2019 09:55 AM
‎04-16-2019 09:55 AM
Hi: Thanks for your response. I am new to Splunk- taking time to conceptualize different aspects! When I try to create a new Look up Definition at Splunk "Settings" -> choose a destination App, Give a Name, choose type (file-based as default) and Choose a Lookup file from a drop-down. When I go to create a new look up table file-> it asks to upload a (.csv) lookup table file. 1. As you have mentioned logger_sourcetypes.csv, is this the one to create first and then upload? What will be the content of this file? 2. Where does the content you specified as index=xyz_nonprod earliest=0 latest=now | dedup sourcetype | sort 0 - sourcetype | outputlookup logger_sourcetypes.csv actually stay? Thanks for the support. ... View more

Setting up alert to send email when an web service...

by in Alerting
‎04-11-2019 02:53 PM
‎04-11-2019 02:53 PM
Hi: I am trying to set up an alert at Splunk to send me an email when one of our web services is down. We use Java Spring Boot web service. Using Docker image at Rancher servers. I am new to Splunk. I need help creating the search string to create the alert. Say, abc is the web service name We use search string: index=xyz_nonprod sourcetype=abc-wsqa-logger The docker-compose.yml has the following info , -> splunk-token: ${SPLUNK_TOKEN} splunk-url: ${SPLUNK_URL} splunk-index: ${SPLUNK_INDEX} splunk-sourcetype: "abc-ws${APPLICATION_ENV }-logger" splunk-source: "HttpEventCollectorLogbackAppender" splunk-insecureskipverify: "true" tag: "{{.Name}}/{{.FullID}}" I found sample example to create the a search as index=_internal " error " NOT debug source=*splunkd.log* Need help to fit it in my case to set up an alert when service abc is down. What would be the search string? Thanks Nahid Chow ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM