See your Splunk Search alerts in Zulip!

1. {!create-stream.md!}

1. {!create-an-incoming-webhook.md!}

1. {!generate-integration-url.md!}

    If you do not specify a topic, the name of the search is used
    (truncated to fit if needed).

1. In the Splunk search app, execute the search you'd like to be
   notified about. Click on **Save As** in the top-right corner,
   and select **Alert**.

1. Configure the **Settings** and **Trigger Conditions** for your search
   as appropriate. Under **Trigger Actions**, click **Add Actions**,
   and select **Webhook**. Set **URL** to the URL constructed above,
   and click **Save**.

!!! tip ""

    You can create as many search alerts as you like, with whatever
    stream and topic you choose. Just update your webhook URL as
    appropriate for each one, and make sure the stream exists.

{!congrats.md!}

![](/static/images/integrations/splunk/001.png)
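
To check a webhook URL before saving it in a Splunk alert, the following added example (not part of the Zulip documentation) builds one URL per alert with the stream and topic URL-encoded, and posts a constructed Splunk-style payload to it. The endpoint path `/api/v1/external/splunk`, the `api_key`/`stream`/`topic` parameter names, the sample payload values, and the `ZULIP_SITE`/`ZULIP_BOT_KEY` environment variables are assumptions not shown on this page.

```python
import json
import os
import urllib.request
from urllib.parse import quote, urlencode

# Assumed endpoint path and query parameter names (not shown on this page).
WEBHOOK_PATH = "/api/v1/external/splunk"


def splunk_webhook_url(site, api_key, stream, topic=None):
    """Build the URL to paste into Splunk's Webhook action for one alert."""
    params = {"api_key": api_key, "stream": stream}
    if topic:  # when omitted, Zulip uses the name of the search as the topic
        params["topic"] = topic
    # quote (not quote_plus) so spaces become %20 rather than '+'
    return site.rstrip("/") + WEBHOOK_PATH + "?" + urlencode(params, quote_via=quote)


def sample_alert(search_name):
    """Constructed payload shaped like a Splunk webhook alert (sample values)."""
    return {
        "sid": "scheduler__admin__search__constructed_0001",
        "search_name": search_name,
        "app": "search",
        "owner": "admin",
        "results_link": "https://splunk.example.com/app/search/@go?sid=constructed",
        "result": {"host": "web01", "source": "/var/log/auth.log",
                   "_raw": "Failed password for invalid user test"},
    }


def send_test_alert(url, payload, timeout=10):
    """POST the payload as JSON and return the HTTP status code."""
    req = urllib.request.Request(
        url, data=json.dumps(payload).encode(),
        headers={"Content-Type": "application/json"}, method="POST")
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.status


if __name__ == "__main__":
    # Hypothetical variable names; reading the bot key from the environment
    # keeps it out of the script and out of shell history.
    url = splunk_webhook_url(os.environ["ZULIP_SITE"], os.environ["ZULIP_BOT_KEY"],
                             stream="security alerts", topic="failed logins")
    print(send_test_alert(url, sample_alert("Failed SSH logins")))
```

The generated URL embeds the bot's API key, so treat the saved Splunk alert configuration as a secret-bearing object when granting edit or export access.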