Follow the steps in this recipe to create an alert on failure and a trigger a webhook driven alert response:
- Log in to your Splunk server and select the Operational Intelligence application.
- In the Search bar, enter the following search over Last 24 hours:
index=main sourcetype=access_combined status=503
- The search will run, but might not produce any results if there are no results to display. This is OK. As in the previous recipes, click on the Save As dropdown and select Alert:
- A pop-up box will appear to provide the alert configuration options. Perform the following steps on this screen:
a. Enter cp08_webserver_failure_webhook ...