Hi ,

We are looking to create an alert if for any reason a search head went down. This is for our Splunk Enterprise Security search head, since we have only one search head is available in our environment, we are looking to create an alert if the ES search head goes down.

Thanks