Hi I was trying to create alerts from Splunk. But it was not working as expected. For example below is how the log looks like in Splunk.

Hi I was trying to create email alerts from splunk log. I setup the alert and email is also triggering, but the problem is that I am not getting the mail as expected.

2020-03-18T17:04:27,335+0100 ERROR
[http-nio-10.96.106.134-8084-exec-6]
c.n.c.controller.ErrorController -
Message = Extraction process failed.
ExceptionMessage = The date
223345.990.2 cannot be parsed. The pattern is: YYYY-MM-DD. ExceptionClass
= DateParseException. ExceptionId = fb04d08a-db10-40ee-97a4-d2934f5a55da

host = xxxx.oneadr.net source =
/xxx/logs/ninjainst/microservices/xxxx/TokenHandler/TokenHandler-app.log
sourcetype = xxxx_app

This is what I configured in my splunk for getting mails.

"The alert condition for '$name$' was
triggered on $trigger_date$, where
there is a pattern ERROR in the log.

====================

====================

Host Name: $result.host$.

Source File: $result.source$.

Message: $result.Message$.

Exception Message:
$result.ExceptionMessage$.

ExceptionClass:
$result.ExceptionClass$.

ExceptionId: $result.ExceptionId$"

But I am getting mail as below,few fields are not populating. Any idea about this

The alert condition for '768_Alert'
was triggered on March 18, 2020, where

there is a pattern ERROR in the log.

==================== Host Name: xxxx.oneadr.net. Source File:
/xxx/logs/ninjainst/microservices/xxxx/TokenHandler/TokenHandler-app.log.
Message: . Exception Message: .
ExceptionClass: . ExceptionId: