Scheduling Reports & Alerts

• Users/Analysts
• Administrators
• Engineers

To be successful, students must have completed these Splunk Education course(s) or have equivalent working knowledge:

• Intro to Splunk (ITS)
• Using Fields (SUF)
• Visualizations (SVZ)
• Working with Time (WWT)
• Statistical Processing (SSP)
• Comparing Values (SCV)
• Result Modification (SRM)

This course is designed for Splunk users, analysts, and administrators who want to automate reporting and monitoring. You will learn how to schedule reports, configure alerts, and manage notification settings.

This eLearning option is available with and without a lab option. If a student opts to take the option without a lab, the eLearning is free.

Module 1 – Creating a Scheduled Report

• Create a report
• Schedule a report
• Define a report's time range
• Define schedule priority
• Define schedule window
• Add a trigger condition

Module 2 – Managing Reports

• View report settings
• Edit report permissions
• Enable report embedding

Module 3 – Creating Alerts

• Save a search as an alert
• Define alert permissions
• Understand scheduled and real-time alert types
• Define alert trigger conditions

Module 4 – Using Alert Actions

• Define actions that respond to trigger conditions
• Write results to a log event
• Output results to a lookup
• Output results to a telemetry endpoint
• Send an email containing search results
• Set up a webhook alert action

Module 5 – Managing Alerts

• View alert settings
• Edit alert permissions