Reporting

Disable splunk alert via CLI

SS1
Path Finder

Hi,

We can disable the alert via command line with below command, but this doesnt work if the alert name has spaces in it.

curl -k -u admin https://<host>:<mgmt_port>/servicesNS/<user_context>/<app_context>/saved/searches/<search>/disable -X POST

I have a splunk alert Application Down Alert (Alert name has spaces in it)

How do i disable this alert via commandline.

 

Labels (5)
0 Karma
1 Solution

richgalloway
SplunkTrust
SplunkTrust

Assuming you've already tried putting quotation marks around the URL, try urlencoding it by replacing the spaces with %20

---
If this reply helps you, Karma would be appreciated.

View solution in original post

0 Karma

SS1
Path Finder

Thanks @richgalloway %20 worked fine for me.

0 Karma

richgalloway
SplunkTrust
SplunkTrust

Assuming you've already tried putting quotation marks around the URL, try urlencoding it by replacing the spaces with %20

---
If this reply helps you, Karma would be appreciated.
0 Karma
Get Updates on the Splunk Community!

Observability Highlights | November 2022 Newsletter

 November 2022Observability CloudEnd Of Support Extension for SignalFx Smart AgentSplunk is extending the End ...

Avoid Certificate Expiry Issues in Splunk Enterprise with Certificate Assist

This blog post is part 2 of 4 of a series on Splunk Assist. Click the links below to see the other ...

Using Machine Learning for Hunting Security Threats

REGISTER NOW Seeing the exponential hike in global cyber threat spectrum, organizations are now striving more ...