Dear Splunk bro team,

We are in trouble while send result of scheduled search to email.
Our Scheduled search result have a field that indicate who get result.

for example :

field_A code email
a 1 a@gmail.com
b 2 b@gmail.com
c 1 a@gmail.com
d 2 b@gmail.com

Currently, savedsearch are sending earch record is one email (total 4 emails to 2 receipent ).

Expected (2 emails):
+ mail1 send content  to a@gmail.com in 1 file csv
field_A code email
a 1 a@gmail.com
c 1 a@gmail.com

+ mail2 send content b@gmail.com in 1 file csv
field_A code email
b 2 b@gmail.com
d 2 b@gmail.com