Is there also any way to add Splunk alert query in the dashboard, which will get updated whenever any changes have been made in Splunk alert? If it's possible to add Splunk alerts in the dashboard, then what is the process to do so?
Hey@wanip,
You can try using this app:
https://splunkbase.splunk.com/app/2627/
Also i am not sure if this will work but you can try this:
index=_internal sourcetype=splunkd_ui_access method=post edit ui/views
| rex field=other "\s*?-\s*(?[\S]+)\s*"
| table user, useragent, req_time, file, sessionId
| rename file as dashboard req_time as editTime
Let me know if this helps!!
Hi deepashri,
Thanks for the comment, however am still unable to connect my question with your comment.
As mentioned am trying to add Splunk alerts link into the dashboard inspite of adding search panel and update the same when any changes made in splunk alert manually.
Can you please explain me how the mentioned Splunk App or the search query will help me in doing same.
Thanks in advance 🙂
@wanip,
Sorry for the confusion, Now i get your question.
I am not sure whether there is workaround for this.
Lets see if any fellow splunkers have some answer for your problem:)