Creating alerts from searches
Let's continue with our example. We want to take our original search query, schedule it, and then set a triggered response.
Any saved search can also be run on a schedule. One use for scheduled searches is firing alerts. Let's get started with our example. Go to the Reports page (shown in the previous screenshot) and click on Open in Search for our report (errors affecting mary). This opens our saved report not as a report but as a search query (it also runs the search). From there, we can click on Save As and choose Alert.
Using the Save As Alert window (shown in the next screenshot), we can fill in the appropriate details for our alert:
The fields can be filled as follows:
- Title: I kept the original search title (errors affecting mary) but added the word alert
- Description: I kept this the same, but in reality, we'd want to add more of a description
- Alert Type: I selected Scheduled, since I want this alert search to be run every day
- Time Range: I selected the preset Run every day
- Schedule At: Here, I selected the preset 12:00
- Trigger condition: I selected the preset Number of Results, since I'd like to trigger an event if my search finds any errors generated by our favorite user, mary
- Trigger if number of results: I selected the preset is Greater than and filled in zero (this means that I am interested in any errors that are found by my search)
After filling in all this, we can click on Next and we see that we have more information to provide:
This time, the window is divided into the following areas: Enable Actions, Action Options, and Sharing.