×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Splunking
Engager
Member since: ‎02-03-2022
‎02-10-2022
Community Statistics
Posts 2
Solutions 1
Karma Given 0
Karma Received 1
Member Since ‎02-03-2022
View All

Re: Splunk Add-on for SolarWinds - Alerts input no...

by in Splunk Enterprise
‎02-10-2022 07:46 AM
1 Karma
‎02-10-2022 07:46 AM
1 Karma
We resolved this issue ourselves.    The needed Splunk logs  for each SolarWinds Alert can be found at $SPLUNK_HOME/var/log/splunk. When looking at the solarwinds_alerts log,  we noticed that the initial_start_time was set to the future --  it was set to 2022-02-28T00:00:00.0  instead of 2022-01-28T00:00:00.0.  We changed the  initial_start_time to 2022-01-28T00:00:00.0 in the GUI, restarted splunk, and tested again.  Still no alerts being generated.   We then rebooted the server and the alerts were still not being generated after reboot.   When we looked at the log file again it kept identifying the original  incorrect initial_start_time in the log though it was displayed correctly with a time of 2022-01-28T00:00:00.0  in the GUI.   Finally, we created a new alert with the correct initial_start_time of 2022-01-28T00:00:00.0 and everything worked.   The original alert still does not work. ... View more

Splunk Add-on for SolarWinds - Alerts input not wo...

by in Splunk Enterprise
‎02-03-2022 08:37 AM
‎02-03-2022 08:37 AM
We have a standalone Splunk Enterprise environment running Splunk 8.2.x.   We have loaded the Splunk Add-on for SolarWinds  (latest version -- just downloaded it about two weeks ago).    We are trying to get all three SolarWinds inputs (Alerts, Query, Inventory) to work in the Splunk Add-on for SolarWinds.  The Query and Inventory Inputs work fine but the Alerts are not working  (we are getting no data returned even though SolarWinds is producing alerts on its console).  My questions are these: 1.  Has anyone else experienced this problem and found a solution? 2.  Does anyone know which logs in either Splunk or SolarWinds that we can look at to help debug this issue? Thanks for your help. ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎02-10-2022 11:06 AM
Karma from
View All