How do I configure alerts in Alert Manager? After installing and setting up Alert Manager and its TA, the Alerts menu is empty without a "create" option. The Settings > Incident Settings page is empty as well.
The wiki page on this does not help. For me the seemingly only way is to use a sample alerts from the demo, cloning and editing it. I've tried this twice on fresh Splunk installs.
What am I doing wrong? Many thanks and all the best for the turn of the year!
I think this works with alerts you create normally. (ie from a search, Save As -> Alert)
See the docs: http://docs.alertmanager.info/Documentation/AlertManager/latest/AlertManager/AbouttheAlertManager, specifically the section "How does it work"
I think this works with alerts you create normally. (ie from a search, Save As -> Alert)
See the docs: http://docs.alertmanager.info/Documentation/AlertManager/latest/AlertManager/AbouttheAlertManager, specifically the section "How does it work"
Ah, thanks! I had an empty Splunk and only used the demo-app. Apparently the alerts created by the demo-app are not "real" alerts and leave the Incident Settings empty. With user-created alerts it works fine.