icon/x Created with Sketch.

Splunk Cookie Policy

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here.
Accept Cookie Policy

We are working on something new...

A Fresh New Splunkbase
We are designing a New Splunkbase to improve search and discoverability of apps. Check out our new and improved features like Categories and Collections. New Splunkbase is currently in preview mode, as it is under active development. We welcome you to navigate New Splunkbase and give us feedback.
Cancel Visit New Splunkbase Visit
My Account
Login Signup
Support & Services
Search Splunk Documentation Splunk Answers Education & Training User Groups Splunk App Developers Support Portal Contact Us
My Account
Login Signup
Support & Services
Search Splunk Documentation Splunk Answers Education & Training User Groups Splunk App Developers Support Portal Contact Us

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Customer License Agreement for App

Splunk Websites Terms and Conditions of Use

Thank You

Downloading Alert Manager Enterprise
SHA256 checksum (alert-manager-enterprise_360.tgz) 417114c1d388fe49b82321b45082e2ff9f32e643d13d1c190e9c202226e62301 SHA256 checksum (alert-manager-enterprise_355.tgz) 42374a7ffade76fce7b97d32c6061b53bf98cb14f65be189d7c1b4dd2f8ac8d5 SHA256 checksum (alert-manager-enterprise_354.tgz) eec22e8ada75deffcf3b9ff5fd6d849e1a395769586d985fa26b96588cc9f3a6 SHA256 checksum (alert-manager-enterprise_353.tgz) 3222927a2cd4d814fd4f967b5940348dca07abcd957c5137f0312793f91f5f85 SHA256 checksum (alert-manager-enterprise_351.tgz) 3dea350abdad3e5d5dd524cc444b22708f09e8357772609ecbce8f9607dd7e75 SHA256 checksum (alert-manager-enterprise_350.tgz) 495a26a6d044a40bdf8ac084ac0c19fbc4a0ec62d62afff571aeab0f9e2832c8 SHA256 checksum (alert-manager-enterprise_340.tgz) e18e62e67ff55aa4dd973051adf25416fe1b9035260590b72a80e6e5eaa47fbb SHA256 checksum (alert-manager-enterprise_332.tgz) b3734f482a1d5e026de9563da0332ff39dd8c4fb91dc9a36e3dbef23065b865f SHA256 checksum (alert-manager-enterprise_323.tgz) 764baacdcdbf6c18b76d3d2a2729662a634b648c5fc6ea07845a85040108fc03 SHA256 checksum (alert-manager-enterprise_313.tgz) 5bd09e51a7d59af3117f207e69bf6f645506db203f06a384fd45d2e091ab767c SHA256 checksum (alert-manager-enterprise_308.tgz) ef1ae04e1c4833f45de316b695078696cc477e125a400812237b6e2d1b0a2e80
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate
splunk

Alert Manager Enterprise

Splunk Cloud
Overview
Details
Datapunctum Alert Manager Enterprise helps IT Ops and Security teams manage their alerts within Splunk Enterprise and Splunk Cloud.

Add the Alert Manager Enterprise Alert Action to your existing searches and manage your alerts immediately.
Get started today with our quickstart guide at https://docs.datapunctum.com/ame/ame-quickstart!

What is Alert Manager Enterprise?

Datapunctum Alert Manager Enterprise helps IT Ops and Security teams manage their alerts within Splunk Enterprise and Splunk Cloud.

Add the Alert Manager Enterprise Alert Action to your existing searches and manage your alerts immediately.

Why Alert Manager Enterprise

We know that investigating and analyzing Alerts without switching tools speeds up root cause analyzing and security investigations tremendously. AME is the solution to go from alerts to actionable insights.

With AME, you can move beyond simple fire-and-forget email alerting. The integrated notification schemes allow sending the right information to the right person through the right channel.

AME provides role-based access control to your managed events. For service providers, multi-tenancy can handle all tenants from one front end without compromising security.

The in-built Security Knowledge Pack containing the Cyber Kill Chain, Mitre Att&ack, NIST and CVE Framework helps Security specialists to classify events quickly.

Businesses using Alert Manager Enterprise see results quickly due to easy deployment/configuration and operations.

Explore Alert Manager Enterprise Features

  • Intuitive User Interface
  • Notification Schemes ( Mail, Slack, Webhooks, Alert Actions)
  • Rule Engine to automatically update events
  • Workflow Action to trigger GET/POST-Requests and Searches
  • Alert Aggregation to combine repeating alerts
  • Role-Based Access Control
  • Multi-Tenancy (subscription required)
  • Custom Statuses and Resolutions
  • Security Knowledge Pack for Cyber Kill Chain, Mitre Att&ck, NIST Framework and CVE (subscription required)
  • Service Level Agreement Management (subscription required)
  • Observables
  • Risk Scoring (subscription required)
  • Vulnerability Intelligence (subscription required)
  • Ticketing Integration (subscription required)

Release Notes

Version 3.6.0
Oct. 10, 2025

Full Release Notes

Important
Please read the Before Upgrading Guide before installing this version of AME.

Version 3.6.0

What's new:

  • Integrations: Jira support, ServiceNow control, remote ticket deletion, vulnerability drilldowns.
  • Workflow: Mandatory formatted comments, improved staged realizations (filters, default load, clear option).
  • Data Handling: Lazy ingest, event limits, exploitability from NIST, and new exception rule fields.
  • UI: TanStack Router migration, React UI 5.3 upgrade, comment modal fix.
  • Notifications: Sender address overwrite.

Deprecation notice:

Starting with version 4.0.0, the following features will be deprecated and removed:

  • “squash” configuration option on notification targets
  • Removal of CVE Tag view
  • moved to CVE overview in vulnerability intelligence
  • requires configuration of NIST API key for fetching CVE information
Version 3.5.5
Sept. 22, 2025

What's New
Release Notes

Important
Please read the Before Upgrading

Version 3.5.5

What's new:

  • AME-1299 Implement sender address overwrite in notification targets

Fixed issues:

  • AME-1308 vuln_int_realization_ingest.py consumes a lot of memory during ingest
  • AME-1312 Status 414 during event processing with risk events
  • AME-1314 Rework tracking calculations to keep "stable" trigger times to reduce required updates
  • AME-1318 Realization- / Realization-Exception-Rules / VulnIntReport do not enforce unique names per tenant
Version 3.5.4
Sept. 10, 2025

What's New
Release Notes

Important
Please read the Before Upgrading

Version 3.5.4

Fixed issues:

  • AME-1238 Adding search controls to observables and vulnerability dashboards
  • AME-1262 Fixing event actions alignment
  • AME-1269 Enabling keep alive for long-lived search jobs used in vulnerability dashboards
  • AME-1276 Updating the complete EPSS dataset instead of the newest CVEs
  • AME-1280 Observable chart editor loses focus on input
  • AME-1283 Fixing the width of workflow action dropdowns
  • AME-1284 Implementing resizable tables
  • AME-1286 Fixing CVE downloads not respecting proxy and certificate settings
  • AME-1288 Presenting errors from generating commands in vulnerability dashboards
  • AME-1297 Fixing CVE updates being rejected
  • AME-1298 Implementing action to reset CVE ingest markers
  • AME-1301 Implementing relative observable fields in vulnerability matching context
  • AME-1302 Sorting lists in enriched event context
  • AME-1303 Fix identical data entries in event from vulnerability realization rules
  • AME-1305 Excessive collection size and cache size in vulnerability housekeeping
  • AME-1306 Fixing purging and pruning for large collections
Version 3.5.3
Aug. 22, 2025

What's New
Release Notes

Important
Please read the Before Upgrading

Version 3.5.3

Fixed issues:

  • AME-1275 Fixed an issue where realization details failed to load
  • AME-1272 Resolved limitation where vulnerability realization queries were capped at 10k results when using realization filters
  • AME-1268 Improved CVE handling to add realizations to staged queue when CVE is not found in KV-Store
  • AME-1285 Adding support for Splunk Cloud non-semantic versioning
Version 3.5.1
Aug. 11, 2025

What's New
Release Notes

Important
Please read the Before Upgrading

Version 3.5.1

What's new:

  • AME-1226 Upgrade to React UI 5.0
  • AME-1219 Allow jinja2 templated comparisons for data & trigger conditions in notification flows

Fixed issues:

  • AME-1256 Ticketing integration test does not show that it is ongoing
  • AME-1254 Ticketing integration: Remote-Ticket-ID is not correctly set on existing update entries
  • AME-1253 Direct From Search Notification Trigger: preconditions are not checked
  • AME-1251 SLAEntryService: dont call register_event_attached_data_changed from fulfillment and violation as an event update is made anyway
  • AME-1249 Risk-Event changes does not trigger an event-lifecycle update, preventing SNOW from getting an updated description
    ...
    See more here
Version 3.5.0
July 22, 2025

What's New
Release Notes

Important
Please read the Before Upgrading

Version 3.5.0

What's new:

  • Vulnerability Intelligence
  • Implement option to load observable data in ameevents
  • Observability Reporting Groups
  • Ingest Observable Group Alert Action
  • Create AME Notifcation Alert Action

Fixed issues:

  • AME-1113 KPI Report Resolved Events - Average Resolve Duration panels not working
  • AME-1115 Creating an event from an interactive search causes an exception in JobWrapper
  • AME-1129 Bulk-Update of events does not trigger sync for SNOW
  • AME-1134 Rework filtering logic for observables overview to apply implicit OR within the same field
Version 3.4.0
May 8, 2025

What's New
Release Notes

Important
Please read the Before Upgrading

Version 3.4.0

What's new:

  • Ticketing Integration with ServiceNow
  • AME-1088 Allow assignee filtering for current user
  • AME-1085 New event summary action for updating events
  • AME-1084 New event summary action to comment events
  • AME-919 Add observable and risk data to notification context
  • AME-850 Display User's Full Name in History and Comments
  • AME-787 Support for single tenant licensing

Fixed issues:

  • AME-1054 Typo in ame_events_overview
  • AME-1043 Observable tab, selected but not present fields can not be deselected
Version 3.3.2
April 10, 2025

What's New
Release Notes

Important
Please read the Before Upgrading

Version 3.3.2

Fixed issues:

  • AME-1045 ResizeObserver loop Notifications Appearing when resizing or zooming into the browser window
  • AME-1046 Alert time in E-Mail Template is in epoch
  • AME-1050 Ensure that Upgrade Tasks working with KV-Wrappers directly don't try to work with soft-deleted elements
Version 3.2.3
Jan. 15, 2025

What's New
Release Notes

Important
Please read the Before Upgrading

Version 3.2.3

What's new:

  • AME-724 Clonable Fieldsets
  • AME-832 Tooltips on comment page

Fixed issues:

  • AME-823 Submit button should be disabled for status, resolution, assignee modal when no change
  • AME-824 Event Resolution change should only show applicable resolutions for current status
  • AME-826 Add _cam and _cam_workers to AlertQueueOriginalSearch or allow extra arguments
  • AME-831 Use secondary sort field for consistent sorting results
  • AME-833 Extended view does not break on width
  • AME-849 Show assignee display name missing on assignee hover
Version 3.1.3
Oct. 17, 2024

What's New
Release Notes

Important
Please read the [Before Upgrading](https://docs.datapunctum.com/ame/ame-before-upgrading

Fixed issues:

  • AME-780 Bulk update does not chunk existing query
  • AME-781 Bulk update modal should only allow save if something is updated
Version 3.0.8
July 1, 2024

What's New
Release Notes

Important
Please read the [Before Upgrading](https://docs.datapunctum.com/ame/ame-before-upgrading

Fixed issues:
- AME-605 Notification-Templates: TextArea and better access to alert data
- AME-609 Correct ame_server log level
- AME-610 Inconsistent Event state after updating event via REST
- AME-613 Action-Notification: allow empty structured templates
- AME-614 Migration tags are not handled the same for event and tag creation
- AME-615 Add count=0 to user list in user tenant mapping to fetch all users
8,936
Downloads
Share Subscribe LOGIN TO DOWNLOAD
Version
Built by
Datapunctum AG , an official Splunk Partner
Support
Questions on Splunk Answers Flag as inappropriate App Contents: Inputs, Alert Actions App Contents: Inputs, Alert Actions App Contents: Inputs, Alert Actions App Contents: Inputs, Alert Actions App Contents: Inputs, Alert Actions App Contents: Inputs, Alert Actions App Contents: Inputs, Alert Actions App Contents: Inputs, Alert Actions App Contents: Inputs, Alert Actions App Contents: Inputs, Alert Actions App Contents: Inputs, Alert Actions
Compatibility
This version of the app (3.1.3) is not available for Splunk Cloud. However, version 3.2.3 of this app is available for Splunk Cloud.
This version of the app (3.0.8) is not available for Splunk Cloud. However, version 3.2.3 of this app is available for Splunk Cloud.
Products: Splunk Enterprise, Splunk Cloud Products: Splunk Enterprise, Splunk Cloud Products: Splunk Enterprise, Splunk Cloud Products: Splunk Enterprise, Splunk Cloud Products: Splunk Enterprise, Splunk Cloud Products: Splunk Enterprise, Splunk Cloud Products: Splunk Enterprise, Splunk Cloud Products: Splunk Enterprise, Splunk Cloud Products: Splunk Enterprise, Splunk Cloud Products: Splunk Enterprise Products: Splunk Enterprise
Splunk Versions: 10.0, 9.4, 9.3, 9.2 Platform: Platform Independent Splunk Versions: 10.0, 9.4, 9.3, 9.2 Platform: Platform Independent Splunk Versions: 10.0, 9.4, 9.3, 9.2 Platform: Platform Independent Splunk Versions: 10.0, 9.4, 9.3, 9.2 Platform: Platform Independent Splunk Versions: 10.0, 9.4, 9.3, 9.2 Platform: Platform Independent Splunk Versions: 10.0, 9.4, 9.3, 9.2 Platform: Platform Independent Splunk Versions: 10.0, 9.4, 9.3, 9.2, 9.1 Platform: Platform Independent Splunk Versions: 10.0, 9.4, 9.3, 9.2, 9.1 Platform: Platform Independent Splunk Versions: 9.4, 9.3, 9.2, 9.1 Platform: Platform Independent Splunk Versions: 9.4, 9.3, 9.2, 9.1 Platform: Platform Independent Splunk Versions: 9.2, 9.1, 9.0 Platform: Platform Independent
Licensing
Customer License Agreement for App
Category & Contents
Categories: IT Operations, Security, Fraud & Compliance
App Type: App
Subscribe Share

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.

Submit New Splunk App Dev Resources
PLATFORM
Data-to-Everything Platform
Splunk Cloud
Splunk Enterprise
Splunk Machine Learning Toolkit
Splunk Data Stream Processor
Pricing
Free Trials & Downloads
SECURITY PRODUCTS
Splunk Enterprise Security
Splunk Phantom
Splunk Mission Control
Splunk User Behavior Analytics
IT OPERATIONS & OBSERVABILITY PRODUCTS
Splunk Infrastructure Monitoring
Splunk IT Service Intelligence
Splunk Application Performance Monitoring
Splunk On-Call
SOLUTIONS BY INITIATIVE
Cloud Transformation
SOLUTIONS BY FUNCTION
Security
IT
Devops
SOLUTIONS BY INDUSTRY
Aerospace & Defense
Communications
Energy & Utilities
Financial Services
Healthcare
Higher Education
Manufacturing
Nonprofits
Online Services
Public Sector
Retail
WHY SPLUNK?
Why Splunk?
Customer Stories
Partners
Data-to-Everything
Diversity & Inclusion
SUPPORT
Support Portal
Support Programs
Splunk Answers
Contact Us
Product Security Updates
RESOURCES
Events
Webinars
Blogs
Customer Success
Expert Services
Data Insider
View All Resources
FOR DEVELOPERS
Documentation
Best Practices
Get Started with Splunk
Training & Certification
User Groups
Community
Splunkbase
Splunk dev
COMPANY
About Splunk
Careers
Leadership
Splunk for Good
Splunk Ventures
Splunk Protects
Newsroom
COVID-19 Response
SPLUNK SITES
.conf
Splunk Live!
T-Shirt Store
Investor Relations
Follow Us:
© 2005-2025 Splunk LLC All rights reserved.
Sitemap | Privacy | Website Terms of Use | Splunk Licensing Terms | Export Control | Modern Slavery Statement | Splunk Patents | Report a Problem
Splunk, Splunk>,Turn Data Into Doing, Data-to-Everything, and D2E are trademarks or registered trademarks of Splunk LLC in the United States and other countries. All other brand names,product names,or trademarks belong to their respective owners.