1. Go to the "Alert sources" tab and click Create new alert source
2. Enter a name and select your desired escalation policy. Select "Splunk" as the Integration Type and click on Save.
3. On the next page, a Webhook URL is generated. You will need this URL below when setting up the hook in Splunk.
1. Go to Splunk and then to Search & Reporting. Create a search for which you’d like to create an alert.
2. Click on Save As and then on Alert to add an alert
3. On the modal window name the alert e.g. iLert, choose Webhook in the When triggered section and paste the Webhook URL that you generated in iLert and click on Save
Finished! Your Splunk alerts will now create incidents in iLert.
Will incidents in iLert be resolved automatically?
No, unfortunately Splunk alerts do not fire resolve events.
Can I connect Splunk with multiple alert sources from iLert?
Yes, simply create more action sequences in Splunk.