Other Usage
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to setup alert when new value in field?

namlh
Loves-to-Learn Everything
‎06-21-2023 03:52 AM

Hi, i have field IP ADDRESS when user login, so i want to alert email when to have a new ip address. 
Can you help me

Labels (1)
Labels
0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎06-21-2023 03:57 AM

Hi

Here is an old answer for this case https://community.splunk.com/t5/Security/How-can-I-detect-when-a-new-IP-is-used-by-a-user/td-p/21107...

r. Ismo

0 Karma
Reply

namlh
Loves-to-Learn Everything
‎06-21-2023 04:07 AM

I read the post but i don't understand. I have to run command in image in search splunk ???? OR how can i configure in edit alert ???

namlh_1-1687345538264.png

 

0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎06-21-2023 04:45 AM

A previous post show to you how you can find a new IPs for user. Then you just create an alert (Save As -> Alert) which send that result to you or where ever you want to send it.

https://docs.splunk.com/Documentation/Splunk/latest/Alert/Definescheduledalerts

0 Karma
Reply

namlh
Loves-to-Learn Everything
‎06-21-2023 11:48 PM
I followed it but it doesn't alert, can you check it for me
 
namlh_1-1687416489888.png

 

 
 
 
0 Karma
Reply
Get Updates on the Splunk Community!

Database Performance Sidebar Panel Now on APM Database Query Performance & Service ...

We’ve streamlined the troubleshooting experience for database-related service issues by adding a database ...

IM Landing Page Filter - Now Available

We’ve added the capability for you to filter across the summary details on the main Infrastructure Monitoring ...

Dynamic Links from Alerts to IM Navigators - New in Observability Cloud

Splunk continues to improve the troubleshooting experience in Observability Cloud with this latest enhancement ...