Access and update alerts
There are several ways to access and edit alerts. Here is a comparison of typical alert management tasks and where to complete them in Splunk Web.
Task | Where to go |
---|---|
View all alerts in the current app context. | Alerts page |
Select an alert to review or update. | Alerts page |
View and edit alert details. | From the Alerts page, select an alert to open its detail page. |
Review available alert actions and browse for more actions. | Alert Actions manager page. |
Review recently triggered alerts. | Triggered Alerts listing page. |
Use the Alerts page
The Alerts page lists all alerts for an app. It is available from the top-level navigation menu for an app. From the Alerts page you can use the following options.
Option | Description |
---|---|
Select a filtering option for displayed alerts. |
|
Select any displayed alert | Opens the detail page for an alert. You can review and make additional edits to the alert on the detail page. |
Open in Search | View or modify the alert's search string in the Search page. Time range updates in Splunk Web are not supported. |
Edit | Opens the detail page for an alert. You can review and make additional edits to the alert on the detail page. |
Edit an alert search
- From the Alerts page, locate the alert and click Open in Search. The alert search opens in the Search page.
- Edit the search string as needed.
- Run the edited search.
- Click Save to update the alert. If prompted again, click Save.
- Select from the following options.
Option Description "View alert" Opens the alert detail page. "Continue editing" Return to the Search page. "Permissions" View and edit alert permissions.
Access alert details
From the Alerts page, select an alert to review and update its settings. Authorized users can change the following alert settings.
- Enable or disable the alert
- App context
- Permissions
- Alert type and timing
- Trigger conditions
- Alert actions
Alert action permissions | Alerts page |
This documentation applies to the following versions of Splunk Cloud Platform™: 8.2.2112, 8.2.2201, 8.2.2202, 8.2.2203, 9.0.2205, 9.0.2208, 9.0.2209, 9.0.2303, 9.0.2305, 9.1.2308, 9.1.2312, 9.2.2403, 9.2.2406 (latest FedRAMP release)
Feedback submitted, thanks!