In this post we create an alert in our Splunk environment that fires on Splunk popup messages. Follow the steps below.

Run this search to get all the messages from the REST endpoint:
|rest /services/messages

Then keep only the fields you need:
| rest /services/messages | table timeCreated_iso title splunk_server severity message

Create the alert with a throttle of 6 hours:
1) Set "Suppress triggering for" to 6 hour(s).
2) Save the search as an alert.
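
The same alert written as a savedsearches.conf stanza, as an added example that is not from the original post. The search and the 6-hour throttle come from the steps above; the stanza name, schedule, trigger condition and alert action are assumptions.

```ini
# Hypothetical stanza name; goes in an app's local/savedsearches.conf
[Alert - Splunk popup messages]
# Search from the post
search = | rest /services/messages | table timeCreated_iso title splunk_server severity message
# Assumed schedule: run every 15 minutes
enableSched = 1
cron_schedule = */15 * * * *
# Assumed trigger condition: fire when at least one message is returned
counttype = number of events
relation = greater than
quantity = 0
# Throttle from the post: suppress triggering for 6 hours
alert.suppress = 1
alert.suppress.period = 6h
# Assumed action: list the alert under Triggered Alerts
alert.track = 1
```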
