×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
jlayson
New Member
Member since: ‎01-14-2021
‎10-25-2021
Community Statistics
Posts 3
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎01-14-2021
Activity Feed
View All

Alert whenever the devices is not sending traffic ...

by in Alerting
‎10-25-2021 01:33 AM
‎10-25-2021 01:33 AM
index=pan* dvc_name="*" sourcetype="pan:traffic" OR sourcetype="pan:system" how can I trigger an email alert if example 1 or multiple devices are not sending traffic logs after 24hrs. I tried using the alert with condition number of results but it's not sending logs. because splunk counts the result not by device and by logs it added all the results. ... View more
Labels

Re: Alerting using inputlookup

by in Alerting
‎01-14-2021 01:48 AM
‎01-14-2021 01:48 AM
We already have an alert , i just need to add that on the alert as an update.  The user will use there own IP address which is  indicated in field 1 then  the field 2 are 4 address that are not allowed to use if they are using any of the ip address on field1 ... View more

Alerting using inputlookup

by in Alerting
‎01-14-2021 01:30 AM
‎01-14-2021 01:30 AM
Hi all, im new in splunk, i was wondering if you can help me. This is  the scenario, im using inputlookup. I have csv  file with 2 fields field1 is original ip then field 2 is second ip. What i wanted to do if the user get one of ip address in field 1 and  get any ip address in the field 2 then it will alert. But if the user only get ip address in field 1 and did not get ip address in field2 it will not alert. I have multiple ip address in field 1 and only 4 ip address in field 2. Thank you ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎10-25-2021 06:39 AM