Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Can I change alert name in .conf without restarting Splunk?

wvalente
Explorer
‎08-22-2017 05:36 AM

Hi guys,

Is there any way to change the alert name in .conf files that does not need restart splunk?

In the link below I could not find the appropriate field.

http://docs.splunk.com/Documentation/Splunk/latest/admin/savedsearchesconf

In addition, I've tried in /opt/splunk/etc/users/admin/search/local/savedsearches.conf, but it is not change in real environment.

Tks.

0 Karma
Reply

vasanthmss
Motivator
‎08-22-2017 10:24 AM

Hi Wvalente,

Usually splunk restart for savedsearch.conf changes is not required, you have to refresh by using , 

http://<yoursplunkserver>:<your web port, default 8000>/debug/refresh

Below link will help you to understand when to restart splunk,

https://docs.splunk.com/Documentation/Splunk/6.6.2/Admin/Configurationfilechangesthatrequirerestart

Check your Splunk version and the documents for more information,

Hope this will helps you!!!

V
Reply
Get Updates on the Splunk Community!

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

Take a look below to explore our upcoming Community Office Hours, Tech Talks, and Webinars this month. This ...

They're back! Join the SplunkTrust and MVP at .conf24

With our highly anticipated annual conference, .conf, comes the fez-wearers you can trust! The SplunkTrust, as ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...