Alerts are the actions generated by a saved search result after a certain period of time. Once an alert has occurred, subsequent actions like email or message will also be triggered. There two
Types of alters available in Splunk:
- Real-time alerts: we can divide the real-time alerts into two parts, pre-result, and rolling-window alerts. The pre-result alert gets triggered with every search, while rolling-window alerts are triggered when a specific criterion is met by the search.
- Scheduled Alerts: As the name suggests, scheduled alerts can be initialized to trigger multiple alerts based on the set criteria.
