In this chapter, we have discussed the growing importance of Splunk alerting and the different levels of doing so. In the current corporate environment, intelligent alerting and alert noise reduction are becoming more important due to machine sprawl, both horizontally and vertically. Then we discussed how to create intelligent alerts and manage them effectively, and also some methods of self-healing that I've used in the past, and the successes and consequences of such methods in order to assist in setting expectations. In the next chapter, we will talk about the anatomy of a search and then some key techniques that will help in real world scenarios. Many people understand search syntax. However, to use it effectively, (that is, to become ...