Send alerts and dashboards to Splunk Mobile users
You can send actionable alerts, visualizations, and push notifications from the Splunk Search & Reporting app to Splunk Mobile users. When data triggers an alert, Splunk Mobile users receive the alert on their mobile device.
See View, respond to, and share alerts for more information about viewing alerts on the go with Splunk Mobile.
To prevent your data requests from timing out, avoid dashboards with more visualizations than your Splunk Enterprise max concurrent searches setting. You can also increase the search capacity by increasing the number of indexers in your Splunk Enterprise deployment. See How concurrent users and searches impact performance in the Splunk Enterprise Capacity Planning manual for more information.
Complete the following before sending alerts to the Splunk Mobile app:
- Splunk Secure Gateway is enabled on your Splunk platform instance by an admin. See Get started with Splunk Secure Gateway.
- Log in to a Splunk platform instance.
If you were previously using Splunk Cloud Gateway, alerts you created in Splunk Cloud Gateway do not migrate to Splunk Secure Gateway. You must recreate those alerts to use them with Splunk Secure Gateway.
Send Search & Reporting alerts to mobile devices
- Navigate to the Search page in the Search & Reporting app.
- Create a search.
- Click Save As > Alert.
Or, navigate to an existing alert in the Alerts tab and select Edit > Edit Alert next to the alert you want to send.
- Schedule the alert and specify trigger conditions.
- Click +Add Actions > Send to Splunk Mobile.
- Select a role to receive the alert. All users with the selected role will receive the alert.
- Specify the alert severity.
- Enter a title.
- (Optional) Enter a description.
- (Optional) Select a visualization. See Visualization support in the Splunk Secure Gateway Release Notes manual for compatible visualizations.
- (Optional) Provide a response option:
- Enter an Action label. This is what the mobile user taps to respond to the alert.
- Enter an https Action URL.
This is the URL that opens when the mobile user responds to the alert. Both an action label and action URL are required when setting up a response option.
- Click Save. Splunk Enterprise sends the alert when the data meets your trigger conditions.
Download Splunk Mobile for iOS
View, respond to, and share alerts with Splunk Mobile
This documentation applies to the following versions of Splunk® Mobile for iOS: 1.2.0, 1.2.1, 1.3.0, 1.3.1, 1.3.2, 1.4.0, 1.4.1, 1.4.2, 1.5.0, 1.7.0, 1.8.0, 2.0.0, 2.0.1, 2.1.0, 2.2.0, 2.2.1, 2.2.2, 2.2.3, 2.2.4, 2.3.0, 2.4.0, 2.5.0, 2.6.0, 2.7.0, 2.8.0, 2.9.0, 2.10.0, 2.11.0, 2.12.0, 2.12.1, 2.13.0, 2.14.0, 2.15.0, 2.16.0, 2.17.0, 2.18.0, 2.19.0, 2.20.0, 2.21.0, 2.22.0, 2.23.0, 2.24.0, 2.25.0, 2.26.0, 2.27.0, 2.28.0, 2.29.0, 2.29.1, 2.30.0, 2.31.0, 2.31.1