My search condition is checking for results less than 10 every 45 minutes. The problem is we don't have that much traffic in the night to make it up to 10 searches. Is there an option to alert based on time of the day, for example trigger an alert if the number of searches is less than 10 between 09:00 and 18:00 and in the off hours trigger an alert if the number of searches is less than 3?
I can write a separate Splunk alert to cover off hours but wanted to check if there is an option to do this in the one alert.
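One way to fold both thresholds into a single scheduled search, as an added example that is not part of the original post: the search computes the threshold from the hour at which it runs and returns a row only when the count falls below it. The `<your_index>` and `<your search terms>` parts are placeholders for the existing base search, and the field names `hour` and `threshold` are chosen here for illustration.

```spl
index=<your_index> <your search terms> earliest=-45m latest=now
| stats count
| eval hour=tonumber(strftime(now(), "%H"))
| eval threshold=if(hour>=9 AND hour<18, 10, 3)
| where count < threshold
```

With this form the alert's trigger condition becomes "number of results is greater than 0" instead of "less than 10". Because `stats count` without a `by` clause still returns a row with `count=0` when no events match, a window with no traffic at all also triggers.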