topic Re: How to send email alert where email is taken from the logs ? in Splunk Enterprise https://community.splunk.com/t5/Splunk-Enterprise/How-to-send-email-alert-where-email-is-taken-from-the-logs/m-p/509075#M2609 <P>Hi&nbsp;<a href="https://community.splunk.com/t5/user/viewprofilepage/user-id/210684">@haripriyasarve1</a>,<BR /><BR />You could create a field that includes the email from the search results and in the Alert settings add a token to reference that field in the "To" box like&nbsp;<SPAN>$result.</SPAN><I>fieldname</I><SPAN>$</SPAN><BR /><BR /><A href="https://docs.splunk.com/Documentation/Splunk/8.0.5/Alert/EmailNotificationTokens" target="_blank">https://docs.splunk.com/Documentation/Splunk/8.0.5/Alert/EmailNotificationTokens</A></P><P>Hope that helps</P><P>Ralph</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 14 Jul 2020 13:37:53 GMT rnowitzki 2020-07-14T13:37:53Z How to send email alert where email is taken from the logs ? https://community.splunk.com/t5/Splunk-Enterprise/How-to-send-email-alert-where-email-is-taken-from-the-logs/m-p/509045#M2608 <P>Hi Everyone,</P><P>I have data like below,</P><P>Certificate1, expirydate-15/7/2020, <A href="mailto:a@gmail.com" target="_blank" rel="noopener">a@gmail.com</A></P><P>Certificate2, expirydate-18/7/2020, <A href="mailto:a@gmail.com" target="_blank" rel="noopener">b@gmail.com</A></P><P>I need to setup email alerts in such a way, when expiry date is today , need to send alert to that particular email id automatically.&nbsp;</P><P>I have around 1000 certificates, so if I do it manually, it takes so much time. Is there a way where we can automate this? Please help out.</P><P>&nbsp;</P> Tue, 14 Jul 2020 11:10:26 GMT https://community.splunk.com/t5/Splunk-Enterprise/How-to-send-email-alert-where-email-is-taken-from-the-logs/m-p/509045#M2608 haripriyasarve1 2020-07-14T11:10:26Z Re: How to send email alert where email is taken from the logs ? https://community.splunk.com/t5/Splunk-Enterprise/How-to-send-email-alert-where-email-is-taken-from-the-logs/m-p/509075#M2609 <P>Hi&nbsp;<a href="https://community.splunk.com/t5/user/viewprofilepage/user-id/210684">@haripriyasarve1</a>,<BR /><BR />You could create a field that includes the email from the search results and in the Alert settings add a token to reference that field in the "To" box like&nbsp;<SPAN>$result.</SPAN><I>fieldname</I><SPAN>$</SPAN><BR /><BR /><A href="https://docs.splunk.com/Documentation/Splunk/8.0.5/Alert/EmailNotificationTokens" target="_blank">https://docs.splunk.com/Documentation/Splunk/8.0.5/Alert/EmailNotificationTokens</A></P><P>Hope that helps</P><P>Ralph</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 14 Jul 2020 13:37:53 GMT https://community.splunk.com/t5/Splunk-Enterprise/How-to-send-email-alert-where-email-is-taken-from-the-logs/m-p/509075#M2609 rnowitzki 2020-07-14T13:37:53Z