Solved: custom Email Templates with dynamic search results...

PatrickButterly · ‎07-06-2017

Hey Hoping somebody has a clean answer to this.
Basically I have a search generating data to turn into an alert that ends in:

| table Group email Values | map search="| sendemail to= $email$ subject=Update message=$Values$"

The powers that be command certain styling on this email message not simply the values. After combing through many posts I haven't really found a straight answer. Ideally I would have a template email (template.html) that i could import and replace a part of it with the values. someting like
| eval emessage=getTemplate(template.html).replaceregex("x", "$Values$") | map search="| eval emessage=getTemplate(template.html).replace("replaceMe", "$Values$") | sendemail to= $email$ subject=Update message=emessage"

I get that is a bit of a stretch, but has anybody been able to achieve something like that? or is the only option to write a script and work it through that
Thanks

PatrickButterly · ‎08-31-2017

So after much research and work I found the only way to do this is to build out a new command with a sendmail function that will generate a templated email

View solution in original post

PatrickButterly · ‎08-31-2017

So after much research and work I found the only way to do this is to build out a new command with a sendmail function that will generate a templated email

custom Email Templates with dynamic search results? can it be done?

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases