Good Day All,

I'm looking for assistance on how to create a Triggered Alert when a certain percentage number in a text .log file is met in real-time.

For background, on a remote server there's a PowerShell script that runs locally via Task Scheduler set to daily which generates a text .log file containing the used percentage of that drive (F: Drive in this instance). The Data Inputs –> Forwarded Inputs –> Files & Directories on splunk along with the Universal Forwarder on that remote server are configured and the text .log file can be read in splunk when searched as shown below:

Search: index="main" source="C:\\Admin\StorageLogs\storage_usage.log"

Result:
Event: 03/03/2025 13:10:40 - F: drive usage 17.989% used (All the text contained in the .log file)
source = C:\\Admin\StorageLogs\storage_usage.log
sourcetype = storage_usage-too_small

What would be the best way to go about setting up a triggered alert that notifies you in real-time when that text .log file meets/exceeds 75% of the F: drive used?

I attempted saving it as an alert from there by performing the following:

Save As -> Alert:
Title: Storage Monitoring
Description: (Will add at the end)
Permissions: Shared in App
Alert Type: Real-time
Expires: 24 Hours
Trigger Conditions: Custom
Trigger alert when: (This is the field I'm trying to articulate the reading/notifying the 75% used part but unfamiliar with what to put)
In: 1 minute
Trigger: For each result
Throttle: (Unsure if needs to be enabled or not)
Trigger Actions -> When triggered -> Add to Triggered Alerts -> Severity: Medium

Would it be easier to configure the reading/notifying when 75% used part in the trigger conditions above or by adding the inputs in the main search query then saving?

My apologies if I'm incorrect in any of my interpretations/explanations, I just started with this team and have basically no experience with splunk. Any information or guidance is greatly appreciated, thanks again.
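One way to put the threshold into the search itself, as an added example that is not part of the original post: the regex extracts the percentage from the event format shown above, and the search returns a row only when the latest reading for the drive is at or above 75%, so the alert can use the stock trigger condition "Number of Results is greater than 0" instead of a custom expression. The field names drive, pct_used and last_seen are my own; the index and source are taken from the search in the post.

```spl
index="main" source="C:\\Admin\StorageLogs\storage_usage.log"
| rex field=_raw "(?<drive>[A-Z]):\s+drive usage\s+(?<pct_used>\d+(?:\.\d+)?)%\s+used"
| eval pct_used=tonumber(pct_used)
| stats latest(_time) AS last_seen, latest(pct_used) AS pct_used BY drive
| where pct_used >= 75
| eval last_seen=strftime(last_seen, "%Y-%m-%d %H:%M:%S")
| table drive, pct_used, last_seen
```

Because the script writes one line per day, a scheduled alert that looks back over the last 24 hours (for example every 15 minutes with earliest time -24h) will keep seeing the high reading until the next daily line replaces it, so enable throttling (suppress per drive for 24 hours) to avoid a notification on every run; a 1-minute real-time window only catches the event at the moment it arrives.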