Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading Alert Manager
MD5 checksum (alert-manager_214.tgz) e72325c3ea4b398a2f1899df0ea66246 MD5 checksum (alert-manager_213.tgz) c87f80cc7ce9737f66e2d477217f11b0 MD5 checksum (alert-manager_205.tgz) 48e6abf49b154ad062c72227f3672b35
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate

Alert Manager

Splunk Certified
The Alert Manager adds simple incident workflows to Splunk. The general purpose is to provide a common app with dashboards in order to investigate fired alerts or notable events. It can be used with every Splunk alert and works as an extension on top of Splunk's built-in alerting mechanism.

- Awareness of your current operational situation with the incident posture dashboard
- Analyze root cause of incidents with only a few clicks
- Review and adjust the urgency of incidents to improve operations scheduling
- Dispatch incidents to the person in charge
- Track and report incident workflow KPIs
- Tag and categorize incidents

Please find the full documentation at
For Support, please reach out or open a ticket at GitHub (

Release Notes

Version 2.1.4
Nov. 7, 2016

Re-enabled migration scripts to seed default E-mail Templates and Notification Scheme.

Version 2.1.3
Oct. 21, 2016

* Support for non-admin users to modify incidents from Incident Posture dashboard
* Added capability 'am_is_owner' which is required to be an owner of incidents
* Added new alert_manager_admin, alert_manager_supervisor and alert_manager_user role as preparation for upcoming features
* Added support for 'AND' or 'OR' combinations in Suppression Rules
* Added new dynamic owner selection in Custom Alert Action dialog
* Added auto subsequent resolve option to resolve new incidents from the same title
* Added loading indicator to incident posture dashboard when expanding incident to show details
* Improved incident edit dialog to provide better owner search and selection
* Fixed IncidentContext to support https scheme and custom splunk web port
* Enhanced timestamp display in incident history
* Improved table coloring (Splunk 6.5 Feature)
* Lot’s of bugfixes, code cleanups, enhancements and sanitizations. See changelog for details

Version 2.0.5
May 10, 2016

App certification release only - no functional changes included!


Subscribe Share

Splunk Certification Program

Splunk's App Certification program uses a specific set of criteria to evaluate the level of quality, usability and security your app offers to its users. In addition, we evaluate the documentation and support you offer to your app's users.

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 50GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
© 2005-2017 Splunk Inc. All rights reserved.
Splunk®, Splunk>®, Listen to Your Data®, The Engine for Machine Data®, Hunk®, Splunk Cloud™, Splunk Light™, SPL™ and Splunk MINT™ are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.