We are currently using Splunk v 7.2. I am integrating Splunk with OMI and seeing issues in configuring the state changes for Splunk alerts.
I am looking if Splunk could send a All Clear/ Resolved notification every time an alert triggers. This would be highly helpful to determine the state change and to track the tickets down.
Please let me know if this feature is already available in Splunk or can be expected atleast in future releases.
... View more