Alerting

how do I pass search result value into email subject field in token?

abi2023
Path Finder

I want to pass dynamic value from my search result into email alert subject.

I try $result.fieldname$ but it not coming up in the email alert 
can someone help me?

Thanks

Labels (2)
0 Karma
1 Solution

abi2023
Path Finder

I am able to solve this by add ' before and after $result.fieldname$
example '$result.fieldname$'

View solution in original post

0 Karma

abi2023
Path Finder

I am able to solve this by add ' before and after $result.fieldname$
example '$result.fieldname$'

0 Karma
Get Updates on the Splunk Community!

Message Parsing in SOCK

Introduction This blog post is part of an ongoing series on SOCK enablement. In this blog post, I will write ...

Exploring the OpenTelemetry Collector’s Kubernetes annotation-based discovery

We’ve already explored a few topics around observability in a Kubernetes environment -- Common Failures in a ...

Use ‘em or lose ‘em | Splunk training units do expire

Whether it’s hummus, a ham sandwich, or a human, almost everything in this world has an expiration date. And, ...