Is your feature request related to a problem? Please describe.
It is easy at the moment to disable a detector, but not to avoid deploying it.
So a lot of detectors are deployed with disabled alert rules.
Furthermore Splunk currently has issues with disabled alert rules that still randomly trigger, so not deploying the detector altogether would be a good solution
Describe the solution you'd like
Make it easy to disable deployment of a detector, just a variable to set
Describe alternatives you've considered
Something could be done with the condition parameter (that would set count to 0) but it's not well documented, and not easy
Is your feature request related to a problem? Please describe. It is easy at the moment to disable a detector, but not to avoid deploying it. So a lot of detectors are deployed with disabled alert rules. Furthermore Splunk currently has issues with disabled alert rules that still randomly trigger, so not deploying the detector altogether would be a good solution
Describe the solution you'd like Make it easy to disable deployment of a detector, just a variable to set
Describe alternatives you've considered Something could be done with the
conditionparameter (that would setcountto0) but it's not well documented, and not easy