Alerting
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to include time field in email message body?

Murali
Explorer
‎04-02-2023 11:51 PM

Hi All,

I'm setting an alert and sending email notification to my inbox.

I have a field called Time and basically it calculates the duration. Example:  "25 minutes ago"    

Hence , when I include the field in the message , like below:

$result.Time$   

I get message in my inbox in seconds. 
Example: 

Host abcd CPU usage reached 97% 1680502445 . Please investigate.

So if you look here , the 1680502445 is the time duration in seconds.

It suppose to pick the summarized time as per the column result. 


Murali_0-1680504445252.png

Please help  how can I get the same output like what I have gathered in the Time1 column. 

 

Thanks




Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

gcusello
SplunkTrust
SplunkTrust
‎04-07-2023 11:08 PM

Hi @Murali,

could you share your search?

probably the issue is in the Time formatiing, e.g. you could add at the end of your search:

| eval Time=tostring(Time, "duration")

Ciao.

Giuseppe

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

gcusello
SplunkTrust
SplunkTrust
‎04-07-2023 11:08 PM

Hi @Murali,

could you share your search?

probably the issue is in the Time formatiing, e.g. you could add at the end of your search:

| eval Time=tostring(Time, "duration")

Ciao.

Giuseppe

0 Karma
Reply
Solved! Jump to solution

gcusello
SplunkTrust
SplunkTrust
‎07-02-2023 11:29 PM

Hi @Murali,

good for you, see next time!

Ciao and happy splunking

Giuseppe

P.S.: Karma Points are appreciated 😉

0 Karma
Reply
Get Updates on the Splunk Community!

Cultivate Your Career Growth with Fresh Splunk Training

Growth doesn’t just happen—it’s nurtured. Like tending a garden, developing your Splunk skills takes the right ...

Introducing a Smarter Way to Discover Apps on Splunkbase

We’re excited to announce the launch of a foundational enhancement to Splunkbase: App Tiering.  Because we’ve ...

How to Send Splunk Observability Alerts to Webex teams in Minutes

As a Developer Evangelist at Splunk, my team and I are constantly tinkering with technology to explore its ...