Alerts
DDoS Detector Splunk Application has a special alert notification (ddos_alert). The email notifying that a “Possible DDoS attack detected” is sent based on the results of the search and triggers conditions.
“See details” link in this email takes the user to the DDoS Attacks Details Splunk application dashboard with reported alert.