Skip to main content
Version: 3.6.0

Quick Start

This guide provides a quick overview of the steps required to set up Alert Manager Enterprise (AME) in your Splunk environment. It assumes you are familiar with Splunk concepts such as indexes, HEC tokens, and alert actions. For detailed instructions, see the Setup Guide.

Before installing or upgrading AME, review the Versioning and Before You Upgrade guides to ensure smooth day-two operations.

Splunk Enterprise

This guide outlines the steps to set up Alert Manager Enterprise (AME) on a single-instance or single Search Head Splunk Enterprise environment:

  1. Create an index named ame_default.
  2. Generate a HEC token with write permissions for the ame_default index.
  3. Install Alert Manager Enterprise from Splunkbase by downloading the app or using in-product installation.
  4. Complete the AME Setup Page.
  5. Create an alert and configure an Alert Action.
  6. Verify incoming events in the Event Summary.

Splunk Cloud

  1. Create an index named ame_default.
  2. Generate a HEC token with write permissions for the ame_default index.
  3. Install Alert Manager Enterprise using the in-product installation.
  4. Complete the AME Setup Page.
  5. Create an alert and configure an Alert Action.
  6. Verify incoming events in the Event Summary.

Watch also our Setup Video.