Splunk® App for Edge Hub

Install and Use Splunk App for Edge Hub

For documentation on other necessary components for Splunk Edge Hub, see the Splunk App for Edge Hub documentation, Splunk Edge Hub mobile app documentation, and Splunk Edge Hub hardware documentation.

Set up anomaly alerts for Splunk Edge Hub OS

The Splunk App for Edge Hub and AR comes with sample alerts that notify you when an anomaly occurs with your Splunk Edge Hub metrics. These alerts are disabled by default.

These alerts are based on saved searches that use the default indexes you created during the setup process. They return results based on the anomaly metrics that are reported.

Prerequisites

Before turning on anomaly detection alerts, complete the following:

To configure trigger actions, see Set up alert actions in the Splunk Enterprise Alerting Manual.

Turn on anomaly alerts

You can find the alerts in Settings then Searches, Reports and Alerts by setting the App filter to Splunk App for Edge Hub and AR (splunk-app-ar) and setting Owner to Nobody.

Once enabled, the alerts run every 1 minute and capture occurrences from the last 30 seconds. The trigger conditions include a throttle setting, so notifications fire no more than once every 3 minutes.

Last modified on 13 January, 2024

This documentation applies to the following versions of Splunk® App for Edge Hub: 4.5.0, 4.6.0, 4.7.1, 4.8.0, 4.9.0

