|
When I add a new group to our Splunk environment, I create an App for them and tell them to use that from which to create their saved searches, reports and dashboards. One of my new users jumped in right away and started creating her stuff before she read the email with that and other related info. So I used the MOVE feature in Manager/Apps to take them from the Search app to her group's App. Now she is reporting that her alerts are missing; "Basically, when I look in alert manager I should see what alerts I have set up and what have fired – and now I see nothing. I do have the searches for the alerts in my search area, but not the alerts I defined." What may have caused this and how can I 'recover' the missing alerts? I have not found anything here that relates to what has happened in our situation. |
Refine your search:
- Apps & Questions
- Apps
- Questions
- Users
- Tags
Markdown Basics
- *italic* or _italic_
- **bold** or __bold__
- link:[text](http://url.com/ "Title")
- image?
- numbered list: 1. Foo 2. Bar
- to add a line break simply add two spaces to where you would like the new line to be.
- basic HTML tags are also supported
Tags:
Asked: 08 Feb, 07:02
Seen: 205 times
Last updated: 08 Feb, 07:04