Hi,
I have 2 instances: Splunk Enterprise in a Linux environment and Splunk Enterprise in a Windows environment. I am also using these with ServiceNow integration. For that I am using Splunk Add-on for ServiceNow with the Linux Splunk setup.
I have configured an alert in the "Search and Reporting" app to notify if any new source is added to it. In Windows, the alert is fired. (I can see event fired at ---- when I open alert).
In Linux, I configured the same alert to detect new source using both "Search and Reporting" app and "Splunk_TA_snow" app, but both the alerts are not firing up. Is it a problem with the Linux setup or anything else?
Total num of alerts configured are not more than 4.
please help
If it'sstill not resolved, try setting the splunk log to DEBUG for short period of time and check
If it'sstill not resolved, try setting the splunk log to DEBUG for short period of time and check