I would like to have a report emailed to me a few minutes after an alert goes off. While the alert can include the results, it is based on something specific and will not have all the information I need. Let's say the alert is set up to catch too many host communication errors to a specific endpoint. Errors>100. Currently I either go to the alert and alter it to make a time chart to see any trends, or go to a specific dashboard that shows communication errors with other endpoints, network status, response times, etc. When the problem goes away I take all the Splunk graphs and make an incident report.
I would like to have a report with graphs and other info based on the dashboard emailed to me at the time of the alert and 10 minutes after. Sometimes I can get to my email, but not to Splunk. This would also help with the incident report and make them more uniform.
Is this possible? I have not worked with reports much. Can a report be triggered by a separate search? I could not find that answer online, so I believe it can't. I could write a query that looks at the last time an alert went off and have that trigger the associated report, if possible. I would like some type of PDF that I can just attach to the incident report. More importantly, I would like to have much more detail emailed to me after an alert. I'm not even sure what an emailed report looks like. I could google that, but if I can't trigger it there is no need for the report. Although, in reading about reports, I want to use them more with dashboards.
Thanks
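One way to get the "alert now, detailed report shortly after" chain the post describes, written here as an added example rather than anything from the poster: two savedsearches.conf stanzas. The first is the alert itself; the second is a scheduled report whose search looks in the `_audit` index for a recent `alert_fired` event for that alert, so it only produces results (and therefore only emails) in the window after the alert went off. The stanza names, the index/sourcetype of the error events, the endpoint, the dashboard name `endpoint_health` and the mailbox are placeholders; the setting names are the standard savedsearches.conf keys, and `action.email.pdfview` should be checked against the savedsearches.conf.spec of your Splunk version before relying on it.

```ini
# Added example, not from the original post. All names below are placeholders.

# 1. The alert: fire when more than 100 host communication errors to one
#    endpoint are seen in the last 5 minutes. Its own email covers the
#    "at the time of the alert" message, with the triggering rows inline.
[Endpoint comm errors > 100]
search = index=app_logs sourcetype=host_comm endpoint="api.example.internal" status=error \
    | stats count AS errors BY endpoint \
    | where errors > 100
cron_schedule = */5 * * * *
dispatch.earliest_time = -5m
dispatch.latest_time = now
enableSched = 1
counttype = number of events
relation = greater than
quantity = 0
alert.track = 1
action.email = 1
action.email.to = oncall@example.com
action.email.subject = ALERT: $result.errors$ comm errors to $result.endpoint$
action.email.sendresults = 1
action.email.inline = 1

# 2. The follow-up report: every 10 minutes, check the audit log for a firing
#    of the alert above within the last 10 minutes. If one is found the search
#    returns a row, the email action runs, and the dashboard is attached as a
#    PDF. Because it keys off _audit, no change to the alert itself is needed.
#    The delay is therefore "within 10 minutes of the alert", not exactly 10;
#    tighten cron_schedule and the lookback together to change that.
[Endpoint comm errors - follow-up report]
search = index=_audit action=alert_fired ss_name="Endpoint comm errors > 100" \
    | stats max(_time) AS last_fired BY ss_name \
    | eval minutes_ago = round((now() - last_fired) / 60)
cron_schedule = */10 * * * *
dispatch.earliest_time = -10m
dispatch.latest_time = now
enableSched = 1
counttype = number of events
relation = greater than
quantity = 0
action.email = 1
action.email.to = oncall@example.com
action.email.subject = Follow-up: endpoint health dashboard (alert fired $result.minutes_ago$ min ago)
action.email.sendresults = 1
action.email.sendpdf = 1
# Dashboard (view) to render and attach as the PDF instead of the bare results table.
action.email.pdfview = endpoint_health
```

The reason for reading `_audit` rather than re-running the error search in the second stanza is that it makes the report track the alert exactly: whatever threshold or search the alert uses, the follow-up only fires when the alert actually did. Restrict who can read `_audit` and who can edit these stanzas as you would any alert that emails operational data outside the Splunk instance, and keep the dashboard's searches scoped to the same time range as the alert so the PDF shows the trend that caused the firing.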