Is there a way in Splunk to alert on the number of alerts?
For example, I want to create an alert which attempts to search for 6 logins into a server. Assuming this runs every 1 min (that's an arbitrary number) and fires an alert called Alert-A, I want to fire an alert B if 5 Alert-A have triggered in the last 5 mins.
I am not looking for a solution where you suggest, "why not create a search and alert if 6*5 login attempts have been made on the server".
My question is specific to triggering an alert on another alert.
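One way to express the alert-on-alert condition described above, as an added example that is not part of the original post: a `savedsearches.conf` stanza for the second alert that counts firings of Alert-A from Splunk's audit index. It assumes Alert-A's firings are recorded in `_audit` as `action=alert_fired` events with the alert name in `ss_name`, and that the owner of the search can read `_audit`; the stanza name, schedule and throttle period are illustrative choices.

```ini
# Added example (not from the original post). Stanza name, schedule and
# throttle period are assumptions chosen to match the question's numbers.
[Alert-B]
enableSched = 1
# Evaluate every minute over a sliding five-minute window.
cron_schedule = * * * * *
dispatch.earliest_time = -5m@m
dispatch.latest_time = @m
# Count how often Alert-A fired in the window; return a row only at 5 or more.
search = index=_audit action=alert_fired ss_name="Alert-A" \
| stats count AS alert_a_fired, min(_time) AS first_fired, max(_time) AS last_fired \
| where alert_a_fired >= 5
# Trigger whenever the search returns at least one result row.
counttype = number of events
relation = greater than
quantity = 0
alert.track = 1
# Throttle so one burst of Alert-A firings does not re-trigger every minute.
alert.suppress = 1
alert.suppress.period = 5m
```

Because the window snaps to minute boundaries (`@m`), an Alert-A firing that is written to `_audit` late can fall into the next evaluation rather than the current one.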