Documentation > Splunk > Developing Dashboards, Views, and Apps for Splunk Web > Live Splunks and Saved Splunks Configuration

Developing Dashboards, Views, and Apps for Splunk Web

 


Start Here
Command Line Interface
SOAP API
Bundles
Modules
Skins
Workflow Integration
Search Language
Built-In Processors

Live Splunks and Saved Splunks Configuration

This documentation does not apply to the most recent version of Splunk. Click here for the latest version.

Contents

Live Splunks and Saved Splunks Configuration

These parameters configure Live Splunks and Saved Splunks


Filenames

Format 

[<spec>]
attribute1 = val1
attribute2 = val2
...

For more information, see the comments in the livesplunks.conf.spec and savedsplunks.conf.spec files.


Live Splunk Alert via Email

If you configured your Live Splunk to send email when its alert threshold has been met, the parameters of the email message are specified in $SPLUNK_HOME/bin/liveSplunkMailer.sh. To change the format of the message (subject, message body, etc.) simply edit this file. If you checked "Include results in email", the default method is to attach the search results in uuencoded form. This can also be modified by changing the way the searchresults.txt file is created in liveSplunkMailer.sh.

Retrieved from "http://docs.splunk.com/Documentation/Splunk/2.2.3/Developer/LiveSplunksAndSavedSplunksConfiguration"

This documentation applies to the following versions of Splunk: 2.2 , 2.2.1 , 2.2.3 , 2.2.6 View the Article History for its revisions.


You must be logged into splunk.com in order to post comments. Log in now.

Was this documentation topic helpful?

If you'd like to hear back from us, please provide your email address:

We'd love to hear what you think about this topic or the documentation as a whole. Feedback you enter here will be delivered to the documentation team.

Feedback submitted, thanks!