We have installed Splunk in a service control center and have monitoring and alerting set up for several content servers. The alerting and everything works fine, I was just curious about what other custom things we could do with the workflow actions. Here's what I'm thinking:
Would it be possible to set up a workflow action that triggers a popup or maybe even an audible alarm on my workstation(Search Head) when the alert conditions are met?
Our customer is interested in this, and I think other people in similar control/monitoring centers might be interested in this functionality too. It seems like it should be possible, but it will take somebody smarter than me to figure it out. Please give me any ideas you might have about where to get started.
While you could do it client-side, the best way might be to fire off a script when conditions are met. In other words, do a saved search that only fires off with your specific condition, and plumb that into something that will play music or fire a beep.
It depends on if you are on linux or windows, what is installed, etc, but it should be easy to do with a simple line of shell/batch. For instance, "start c:\alert.mp3" on Windows or "mpg123 /alert.mp3" on linux. FSVO mpg123 of course!