Solved: custom Email Templates with dynamic search results...

PatrickButterly · ‎07-06-2017

Hey Hoping somebody has a clean answer to this.
Basically I have a search generating data to turn into an alert that ends in:

| table Group email Values | map search="| sendemail to= $email$ subject=Update message=$Values$"

The powers that be command certain styling on this email message not simply the values. After combing through many posts I haven't really found a straight answer. Ideally I would have a template email (template.html) that i could import and replace a part of it with the values. someting like
| eval emessage=getTemplate(template.html).replaceregex("x", "$Values$") | map search="| eval emessage=getTemplate(template.html).replace("replaceMe", "$Values$") | sendemail to= $email$ subject=Update message=emessage"

I get that is a bit of a stretch, but has anybody been able to achieve something like that? or is the only option to write a script and work it through that
Thanks

PatrickButterly · ‎08-31-2017

So after much research and work I found the only way to do this is to build out a new command with a sendmail function that will generate a templated email

View solution in original post

PatrickButterly · ‎08-31-2017

So after much research and work I found the only way to do this is to build out a new command with a sendmail function that will generate a templated email

custom Email Templates with dynamic search results? can it be done?

What's New in Splunk Enterprise 9.4: Features to Power Your Digital Resilience

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

SignalFlow: What? Why? How?