There is a way to do it.
You could group your alerts per category / host, and use a lookup to map those fields to a person to contact.
This make sense if your alert is a summary, not a list of every events.

example :

with a lookup like : alert_mapping.csv

host; email 
A;mistera@email.com 
B;misterb@email.com 
C;misterc@email.com 

and search like :

<mysearch> ERROR | stats count host 
 | LOOKUP alert_mapping.csv host OUTPUTS email 
 | fillnull email value=default@email.com 

You will end up with results like :

host; count; email 
A 30 mistera@email.![alt text][1]com
B 21 misterb@email.com
Z 10 default@email.com (we added a security to have a catchall email) 

Then in the email alert :
- use the option : alert one per result (not per search)
- populate the field "TO:" with the token $result.email$

see the attached screenshot.

You can of course customize this to use something else than the host field.
You can also add more informations to the lookup, or use macros
and pass them to the email

by example to check host and component

host; component; owner ; email; action ; SLA; priority 
A; network; frank ; f@email.com ; fix the network please ; 10min; P2 
A; storage; frank ; f@email.com ; fix the storage please ; 30min; P2 
B; storage; bill ; b@email.com ; this host need help ; 30min; P3 
B; security; bill ; b@email.com ; security breach ; 30min; P1 
etc... 

You also can use other tokens to enrich your email.
see http://docs.splunk.com/Documentation/Splunk/local/Alert/Emailnotification