My management likes the reports I have created for them; one includes a list of fired/triggered alerts.
Now I am asked if I can build a report that lists these same alerts, but also lists the logs (Search results) that triggered the alerts.
I am stumped as to how to go about getting this data out of Splunk on a monthly basis for the previous month.
Thanks!