×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
rvnk
Engager
Member since: ‎10-27-2024
‎10-28-2024
Community Statistics
Posts 1
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎10-27-2024
Activity Feed
Topics I've Started
View All

Per - result Alert

by in Splunk Enterprise Security
‎10-27-2024 05:29 PM
‎10-27-2024 05:29 PM
I am a grad student and I recently gave a quiz on splunk. There was a true/false question. Q: Splunk Alerts can be created to monitor machine data in real-time, alerting of an event as soon as it logged by the host.  I marked it as false because it should be "as soon as the event gets indexed by Splunk" instead of "as soon as the event gets logged by the host".  I have raised a question because I was not awarded marks for this question. But the counter was "Per-result triggering helps to achieve this". But isn't it basic that Splunk can only read the indexed data? Can anyone please verify if I'm correct?  Thanks in advance. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎10-28-2024 04:49 PM
Karma given to
View All