I have a scheduled report that runs once every 12 hour. But once it runs , it generates same email alerts multiple times during the scheduled time,
Is there any way to compress / throttle to just one report/email ?

| tstats min(_time) as first_time max(_time) as last_time values(sourcetype) where TERM(121.121.1.165) OR TERM(876.234.11.214) OR TERM(192.176.30.196) by index
| convert ctime(first_time) ctime(last_time)