Alerting

Custom tabs for saved searches

akocak
Contributor

Hi Splunkers,
thanks upfront for your time.
I have a requirement that I started to research recently. I wanted to share here as well to get more ideas:

I have a team in my clustered environment that wants to separate alerts within the same app. We can imagine requirement as having more than one alerts tab in default navigation menu. I have 2 questions:
1) how can we separate same object (alerts) into different tabs (I consider forcing them to have a special character in the naming possibly)?
2) how can we add this process to creating alerts ? like having some option to choose where new alert to be stored

Question might be newbie. I do appreciate patience.

0 Karma

MousumiChowdhur
Contributor

Hi @akocak!

You can try adding alerts to the navigation menu. Yo can create different alert tab for different teams which may or may not have same alerts and give the permissions accordingly.

Find the below link for more details:
http://dev.splunk.com/view/webframework-developapps/SP-CAAAEP9

I hope this can help you to solve your first point.

Regarding the second point, you will have to manually add the alert to the respective navigation menu or you can try to save the alerts in different apps. While saving the alerts you can select the specific app you want to save the alert to and give the user permission of that app specifically.

Thank You!

0 Karma

akocak
Contributor

Hey, I will soon work on this task and grade your answer 🙂

0 Karma

MousumiChowdhur
Contributor

@akocak, Sure!

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...