Need to send mail with multiples information

CesarCrt · ‎01-20-2021

Hello everyone,

There is my search :

my_severity=error my_app="name" earliest=-48h latest=-24h
| stats count as nb_yesterday by my_method limit=0
| appendcols[search my_severity=error my_app="name" earliest=-24h latest=now | stats count as nb_today by my_method]
| eval increase=round(nb_today*100/nb_yesterday)
| eval status=if(increase>100 OR nb_today>10, "CRITICAL", "GOOD")
| table my_method, nb_yesterday, increase, status, nb_today
| sort nb_today desc

my_severity, my_app and my_method are fields that i created myself

with my search, i get multiple results (and multiple lines) and i want to send one mail with the list of CRITICAL status like :

"Hello, we notice some errors :

[name of the method(1)] [status] [increase] [nb_today]

[name of the method(2)] [status] [increase] [nb_today]

[name of the method(3)] [status] [increase] [nb_today]

... "

Thanks.

CesarCrt · ‎01-22-2021

Anyone ???

Maybe i write this topic in the wrong channel.

Need to send mail with multiples information

fields

other

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!