Splunk® Enterprise

Alerting Manual

Download manual as PDF

This documentation does not apply to the most recent version of Splunk. Click here for the latest version.
Download topic as PDF

List instances of triggered alerts

Select the List in Triggered Alerts action to display a list of instances when the alert triggers.

You can see records of recently triggered alerts from the Triggered Alerts page or from an Alert Details page. The Triggered Alerts page shows all instances of triggered alerts. The Alert Details page shows all instances of triggered alerts for a specific alert. Details of triggered alerts are available for 24 hours or a specified duration.

See "Review triggered alerts" in this manual.

Give tracked alerts a severity level

When listing a triggered alert, you can specify a Severity level. Severity levels are informational only. They let you group and highlight alerts in the Alert Manager according to the severity levels. You decide which level applies to the alert.

You can choose from the following severity levels. The default level is Medium.

  • Info
  • Low
  • Medium
  • High
  • Critical
PREVIOUS
Use a webhook alert action
  NEXT
Run a script alert action

This documentation applies to the following versions of Splunk® Enterprise: 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.3.8, 6.3.9, 6.3.10, 6.3.11, 6.3.12, 6.3.13, 6.3.14


Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters