Re: SendEmail command to send to different emails - Splunk Community

Splunk Search

Hello all. New to splunk. How can I perform a SendEmail for each log that comes in, which will have a different email address for each?

 index=wm_xsp_cad host=vxxx0u8997 "inactive team" index=wm_xsp_cad host=vxxx30u8997 "Inactive team"|table TeamEmail, ECI, CADesc | eval valueForToHeader=TeamEmail | sendemail 
   sendresults=true inline=true
   to= ????
    Subject=\"$CADesc\$\" 
     From="james@jL.com"

     Subject="hello"
     server= localhost
     graceful=false

Thank you, this is helpful

Take a look at the Sendresults search command: https://splunkbase.splunk.com/app/1794/

Making some progress with this however I need assistance with sending one email per record, rather than one email for all the records?

index=wm_xsp_cad host=vxxx0u8997 "inactive team" index=wm_xsp_cad host=vxxx30u8997 "Inactive team"|table TeamEmail, ECI, CADesc | eval valueForToHeader=TeamEmail | sendemail 
  sendresults=true inline=true
  to= ????
   Subject=\"$CADesc\$\" 
    From="james@jL.com"

    Subject="hello"
    server= localhost
    graceful=false

Get Updates on the Splunk Community!

AI for AppInspect

We’re excited to announce two new updates to AppInspect designed to save you time and make the app approval ...

App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community

As we step into 2026, it’s the perfect moment to reflect on what an extraordinary year 2025 was for the Splunk ...

Operationalizing Entity Risk Score with Enterprise Security 8.3+

Overview Enterprise Security 8.3 introduces a powerful new feature called “Entity Risk Scoring” (ERS) for ...