Reporting
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Is the saved search called by the map command allowed to send emails/run scripts?

alexl1
Path Finder
‎10-09-2017 01:15 PM

hi, I want to send an email / run a script one time each for a bunch of ip's in a list, so I was going to iterate over them with the map function with a saved search, instead of setting up a separate saved search for each ip. However I can't get the emails to send. Is the saved search called by the map function allowed to send emails/run scripts?

Thanks,

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

justinatpnnl
Communicator
‎10-09-2017 03:11 PM

You should be able to do this without using the map command. You just need to have the email address in your search results.

example:

alt text

Then you can set up an alert action to send an email FOR EACH RESULT using the value from the email field in the TO address:

alt text

View solution in original post

Preview file
33 KB
Preview file
43 KB
0 Karma
Reply
Solved! Jump to solution

lfedak_splunk
Splunk Employee
Splunk Employee
‎10-09-2017 05:23 PM

Hey @alexl1, if they solved your problem, remember to "√Accept" an answer to award karma points 🙂

0 Karma
Reply
Solved! Jump to solution
Solution

justinatpnnl
Communicator
‎10-09-2017 03:11 PM

You should be able to do this without using the map command. You just need to have the email address in your search results.

example:

alt text

Then you can set up an alert action to send an email FOR EACH RESULT using the value from the email field in the TO address:

alt text

Preview file
33 KB
Preview file
43 KB
0 Karma
Reply
Get Updates on the Splunk Community!

Reduce and Transform Your Firewall Data with Splunk Data Management

Managing high-volume firewall data has always been a challenge. Noisy events and verbose traffic logs often ...

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...