Hello fellow Splunkers...I am currently work on a search that I need to alert on if it occurs greater than 15 times in a 30 minute period. I have set up the search/alerting, but I am a little lost on the best way to have the criteria inputted. Also, would it be best to set up a stats count, rather than using the alerts GUI? Any assistance would be appreciated.
Thank you.
↧