How to write a cron schedule for a single alert to...

xbbj3nj · ‎11-03-2014

Hi All,

How to write a cron a expression that runs only at 4:50 AM and 5:05 AM on a day.

Note: I want to save it as a single alert, I want to run it from Monday through-Friday.

I tried something like below, but it will run @ 4:50 AM and 5:50 AM.
50 4-5 * * * 1-5

I want to run @ 4:50 AM and schedule it for the next 15th minute . Is this possible ? Please let me know.

jyotipatil14 · ‎04-16-2015

try 50,0 4,5 * 1-5 .... ( I tried this and it worked 🙂 )

That is for windows , for Unix replace comma by right slash /

somesoni2 · ‎11-03-2014

Couldn't figure out direct method. But this may be a workaround.
Use this cron: 5-49/5 4-5 * * 1-5

This will make your alert search to run 4 time a day from Mon-Fri @ 4:05, 4:50, 5:05, 5:50.
Next step will be to include following filters in your alert search string, in the base search section to basically no action to be taken if its run during 4:05 and 5:50.

e.g. if your alert search is like this

index=_internal ERROR | stats count | where count>0

Alert condition: if no of events > 0

saivineet · ‎01-20-2016

what is this 5-59/45

somesoni2 · ‎01-20-2016

It actually should be just 5-49/5 4-5 * * 1-5. It will run for hour 4 OR 5, every 5 min starting from 5th minute to 49th (minutes are represented as 0 to 59, I'm skipping execution on 0th/50th/55th minute). Then the subsearch will ensure to not to run anything unless hour is 4 and min is 50 OR hour is 5 and minute is 5

How to write a cron schedule for a single alert to run at 4:50 AM and 5:05 AM?

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor