Splunk® Enterprise

Alerting Manual

Download manual as PDF

Download topic as PDF

Set up alert actions

Alert actions help you respond to triggered alerts. You can enable one or more alert actions. Learn about the available options.

To learn about See
Sending email notifications when alerts trigger Email notification action
Capturing information from a search and including it in email or other notifications Email notification tokens
Displaying a message in a chat room or updating another web resource Use a webhook alert action
Logging and indexing searchable alert events Log events
Adding an alert to a list of recently triggered alerts for monitoring Monitor triggered alerts

Deprecated alert action:
The script alert action is deprecated. As an alternative, see About custom alert actions for information on building customized alert actions that can include scripts.

Additional resources

To review alert triggering, see Configuring alert trigger conditions.

PREVIOUS
Throttle alerts
  NEXT
Email notification action

This documentation applies to the following versions of Splunk® Enterprise: 6.4.0, 6.4.1, 6.4.2, 6.4.3, 6.4.4, 6.4.5, 6.4.6, 6.4.7, 6.4.8, 6.5.0, 6.5.1, 6.5.1612 (Splunk Cloud only), 6.5.2, 6.5.3, 6.5.4, 6.5.5, 6.6.0, 6.6.1, 6.6.2, 6.6.3


Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters