Hi,
I have 2 instances: Splunk Enterprise in a Linux environment and Splunk Enterprise in a Windows environment. I am using them with service-now integration. For that I am using the Splunk add-on for service-now with the Linux Splunk setup.
I have configured an alert in the "search and reporting" app to notify if any new source is added to it. In Windows the alert is fired (I can see "event fired at ----" when I open the alert).
In Linux I configured the same alert to detect a new source using both the "search and reporting" app and the "Splunk_TA_snow" app. But both the alerts are not firing. Is it a problem with the Linux setup or anything else?
The total number of alerts configured is not more than 4.
Please help.