Send alerts and dashboards to Splunk Mobile users

Learn how to prepare your Splunk platform and configure alerts for delivery to Splunk Mobile devices.

You can send actionable alerts, visualizations, and push notifications from the Splunk Search & Reporting app to Splunk Mobile users. When data triggers an alert, users receive it on their mobile device.
Complete the following steps before sending alerts to the Splunk Mobile app:

  • Ensure Splunk Secure Gateway is enabled on your Splunk platform instance by an admin. See Get started with Splunk Secure Gateway.

  • Log in to a Splunk platform instance.

  • If you were previously using Splunk Cloud Gateway, alerts created there do not migrate to Splunk Secure Gateway. You must recreate those alerts.

  1. Navigate to the Search page in the Search & Reporting app.
  2. Create a search and save it by selecting Save As > Alert, or go to the Alerts tab and select Edit > Edit Alert.
Next, schedule the alert and define the trigger conditions.
  1. Select Add Actions > Send to Splunk Mobile.
  2. Select a role to receive the alert. All users with that role will be notified.
  3. Specify the alert severity.
  4. Enter a title and an optional description for the alert.
  5. Select a compatible visualization type.
    See Visualization support documentation.
  6. Provide a response option:
    1. Enter an Action label.
    2. Enter an HTTPS Action URL that opens when the user responds.
  7. Select Save to activate the alert.