Sync Splunk alert events to Flashduty via webhook for automated alert noise reduction.

In Flashduty


You can obtain an integration push URL through either of these two methods:

Using Private Integration

Choose this method when you don’t need to route alert events to different channels. It’s simpler and recommended.

Using Shared Integration

Choose this method when you need to route alerts to different channels based on the alert event’s payload information.

In Splunk


I. Splunk Alert Push Configuration

  1. Log in to your Splunk console
  2. In the Search and Report application, search for keywords you want to monitor, such as “error”
  3. In the upper right corner’s save menu, select Alerts to configure the search keywords as monitoring items
  4. In the configuration popup, enter relevant information. Configure the set up and Triggering conditions sections according to your needs
  5. In the Trigger Action section, click Add Action and select Webhook
  6. In the Webhook section, enter the integration push URL in the URL field (the URL will be generated after saving the integration name on the current page) and save to complete the alert configuration

II. Status Mapping

Since Splunk alert events don’t differentiate severity levels, all alert events pushed from Splunk to Flashduty will have a Warning status and won’t include recovery events.
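
To check the push URL before relying on a live alert, the script below (an added example, not Flashduty or Splunk code) builds a body in the shape Splunk's webhook alert action sends and posts it to the URL. The body has no severity or recovery field, which is why every event arrives as Warning. Assumptions: the URL is read from a hypothetical FLASHDUTY_PUSH_URL environment variable, it must be https, its query string is treated as sensitive and hidden in output, and all payload values are constructed.

```python
import json
import os
import urllib.error
import urllib.request
from urllib.parse import urlsplit

def check_push_url(url):
    """Return a log-safe form of the push URL, or raise ValueError if unusable."""
    parts = urlsplit(url.strip())
    if parts.scheme != "https":  # assumption: the push endpoint is served over TLS
        raise ValueError("push URL must use https")
    if not parts.hostname:
        raise ValueError("push URL has no host")
    # Assumption: the query string identifies the integration, so keep it out of logs.
    suffix = "?<redacted>" if parts.query else ""
    return f"https://{parts.hostname}{parts.path}{suffix}"

def build_splunk_payload(search_name, result, app="search", owner="admin"):
    """Body in the shape of Splunk's webhook alert action (values constructed)."""
    sid = "scheduler__admin__search__constructed_at_0_1"
    return {
        "sid": sid,
        "search_name": search_name,
        "app": app,
        "owner": owner,
        "results_link": f"http://splunk.example.local:8000/app/{app}/@go?sid={sid}",
        "result": result,  # first result row of the triggering search
    }

def send_test_alert(url, payload, timeout=10):
    """POST the payload as JSON and return the HTTP status code."""
    check_push_url(url)
    req = urllib.request.Request(
        url.strip(), data=json.dumps(payload).encode("utf-8"),
        headers={"Content-Type": "application/json"}, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code  # rejected pushes still report their status

if __name__ == "__main__":
    payload = build_splunk_payload("Error monitor", {"sourcetype": "app_log", "count": "8"})
    print(json.dumps(payload, indent=2))
    url = os.environ.get("FLASHDUTY_PUSH_URL")  # hypothetical variable name
    if url:
        print("posting to", check_push_url(url))
        print("HTTP status:", send_test_alert(url, payload))
```

Without the environment variable set, the script only prints the constructed body and sends nothing.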