Get full access to Splunk Operational Intelligence Cookbook - Third Edition and 60K+ other titles, with a free 10-day trial of O'Reilly.

There are also live events, courses curated by job role, and more.

Start your free trial

Types of alert

There are three types of alert, and these are detailed in the following table:

Alert	Description	When is it triggered?
Scheduled alert	This is an alert based on a historical search that runs periodically in accordance with a set schedule.	This triggers an alert whenever the results of the historic search meet a condition defined in the alert. It is usually less resource intensive than other alert types and used when immediate action is not required.
Real-time, Per-result alert	This is an alert based on a real-time search that is set to run over all time.	This triggers an alert every time the base search returns a result. It is useful to know immediately when a matching result is detected.
Real-time, ...

Get Splunk Operational Intelligence Cookbook - Third Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Don’t leave empty-handed

Get Mark Richards’s Software Architecture Patterns ebook to better understand how to design components—and how they should interact.

It’s yours, free.

Get it now

Check it out now on O’Reilly

Dive in for free with a 10-day trial of the O’Reilly learning platform—then explore all the other resources our members count on to build skills and solve problems every day.

Start your free trial Become a member now