With the ilert Splunk integration, you can create alerts in ilert based on Splunk alerts.
1. Go to the "Alert sources" tab and click Create new alert source.
2. Enter a name and select your desired escalation policy. Select "Splunk" as the Integration Type and click on Save.
3. On the next page, a Webhook URL is generated. You will need this URL below when setting up the hook in Splunk.
4. Go to Splunk and then to Search & Reporting. Create a search for which you’d like to create an alert.
5. Click on Save As and then on Alert to add an alert.
6. In the modal window, name the alert (e.g. iLert), choose Webhook in the When triggered section, **paste the Webhook URL that you generated in ilert, and click on Save**.
Finished! Your Splunk alerts will now create alerts in ilert.
Will alerts in ilert be resolved automatically?
No, unfortunately Splunk alerts do not fire resolve events.
Can I connect Splunk with multiple alert sources from ilert?
Yes, simply create more action sequences in Splunk.