How to run a search in Splunk after every 5 minutes every day?

nikhiltikoo
Explorer

I am searching for some data on Splunk for a 5 minute time range. I want this search to run after every 5 minutes in Splunk on its own. How can this be done? I tried finding it on Splunk, but all I can see is how to schedule alerts and reports. And after the search is activated, how can we access the produced results generated by the search?

0 Karma

woodcock
Esteemed Legend

Save it as an alert and you can "process" the results of the query and act on them externally (e.g. call a script if the number of results is greater than 0).

0 Karma
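One way to set up what the answer above describes, shown as a `savedsearches.conf` stanza. This is an added example, not part of the original thread. The stanza name, index, sourcetype, search string and script name are hypothetical.

```ini
# savedsearches.conf -- added example; names and the search itself are assumptions
[failed_logins_last_5m]
search = index=main sourcetype=linux_secure "Failed password" | stats count by src, user

# Hand the search to the scheduler and run it every 5 minutes, every day
enableSched = 1
cron_schedule = */5 * * * *

# Each run covers the previous 5 whole minutes, snapped to the minute,
# so consecutive runs neither overlap nor leave gaps.
# If events reach the index late, shift the whole window back
# (for example -6m@m to -1m@m) so late arrivals are still counted.
dispatch.earliest_time = -5m@m
dispatch.latest_time = @m

# Alert condition: trigger when the number of results is greater than 0
counttype = number of events
relation = greater than
quantity = 0

# Record each trigger under Triggered Alerts
alert.track = 1

# Call an external script when the condition is met.
# The script alert action is deprecated in favour of custom alert actions.
action.script = 1
action.script.filename = handle_failed_logins.sh
```

The results of the most recent scheduled run can be read back in a search with `| loadjob savedsearch="<owner>:<app>:failed_logins_last_5m"`, where owner and app are those of the saved search.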

paramagurukarth
Builder
0 Karma