Dashboards & Visualizations

How to combine results of two alerts into one email?

michaelsplunk1
Path Finder

Hello!

We currently have two separate alerts. One that prints a list of devices and another that prints a list of records related to those devices (I used the map command to iterate over the list of devices to print the list of records for each device).

So currently we get two emails, one right after the other. The first has the list of devices and the second has the records for those devices.

Is there a way to print the list of devices and the list of all their records right below in a single email?

Labels (1)
Tags (3)
0 Karma

ITWhisperer
SplunkTrust
SplunkTrust

This is not possible. You could try creating a single search which combines both your current searches.

0 Karma
Get Updates on the Splunk Community!

Improve Your Security Posture

Watch NowImprove Your Security PostureCustomers are at the center of everything we do at Splunk and security ...

Maximize the Value from Microsoft Defender with Splunk

 Watch NowJoin Splunk and Sens Consulting for this Security Edition Tech TalkWho should attend:  Security ...

This Week's Community Digest - Splunk Community Happenings [6.27.22]

Get the latest news and updates from the Splunk Community here! News From Splunk Answers ✍️ Splunk Answers is ...