Reporting
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

emailing saved searches without csv attachment

voxel
Engager
‎05-03-2010 09:40 PM

is there any way i can configure a saved search that will send me the results, but rather than attaching the results as a CSV attachment, put the raw log with the search results inline inside the email?

id like to look at the emailed alerts via email on my blackberry without opening/downloading csv files.

Tags (1)
Reply
1 Solution
Solved! Jump to solution
Solution

the_wolverine
Champion
‎09-13-2010 05:10 AM

If you don't want inline results on a system-wide basis, you can configure results to be included inline by adding the following setting to a particular saved search (in saved searches.conf):

action.email.inline = 1

Obviously this requires access to the filesystem. I've filed an ER to make this a configurable option from the UI.

View solution in original post

Reply
Solved! Jump to solution
Solution

the_wolverine
Champion
‎09-13-2010 05:10 AM

If you don't want inline results on a system-wide basis, you can configure results to be included inline by adding the following setting to a particular saved search (in saved searches.conf):

action.email.inline = 1

Obviously this requires access to the filesystem. I've filed an ER to make this a configurable option from the UI.

Reply
Solved! Jump to solution

Simeon
Splunk Employee
Splunk Employee
‎05-03-2010 10:30 PM

There is an "inline" parameter in alert_actions.conf:

inline = <true | false>
    * Specify whether the search results are contained in the body of the alert email.
    * Defaults to false.

See more detail here:

http://www.splunk.com/base/Documentation/latest/Admin/Alertactionsconf

Reply
Get Updates on the Splunk Community!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...

Fun with Regular Expression - multiples of nine

Fun with Regular Expression - multiples of nineThis challenge was first posted on Slack #regex channel ...