Access a list of all fired alerts.
External DocumentationTo learn more, visit the Splunk documentation.

Parameters

ParameterDescription
CountThe maximum number of results to return. If value is set to 0, then all available results are returned.
OffsetThe first result (inclusive) from which to begin returning data. This value is 0-indexed. Default value is 0.
In 4.1+, negative offsets are allowed and are added to count to compute the absolute offset (for example, offset=-1 is the last available offset).
Offsets in the results are always absolute and never negative.

Example Output

{
	"links": {},
	"origin": "/services/alerts/fired_alerts",
	"updated": "2023-01-15T10:42:17+02:00",
	"generator": {
		"build": "dd0128b1f8cd",
		"version": "9.0.3"
	},
	"entry": [
		{
			"name": "-",
			"id": "/servicesNS/example/search/alerts/fired_alerts/-",
			"updated": "1970-01-01T02:00:00+02:00",
			"links": {
				"alternate": "/servicesNS/example/search/alerts/fired_alerts/-",
				"list": "/servicesNS/example/search/alerts/fired_alerts/-"
			},
			"author": "example",
			"acl": {
				"app": "search",
				"can_list": true,
				"can_write": true,
				"modifiable": false,
				"owner": "example",
				"perms": {
					"read": [
						"*"
					],
					"write": [
						"*"
					]
				},
				"removable": false,
				"sharing": "user"
			},
			"content": {
				"eai:acl": null,
				"triggered_alert_count": 0
			}
		}
	],
	"paging": {
		"total": 1,
		"perPage": 30,
		"offset": 0
	},
	"messages": []
}

Workflow Library Example

List Fired Alerts with Splunk and Send Results Via Email
Workflow LibraryPreview this Workflow on desktop