Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Using map to sendemail (email body is empty)

Tim00
Explorer
‎07-14-2021 03:56 AM

Would like to automatically send an email to all email addresses which are the output of a search. My problem is that Splunk is indeed sending an email to all email addresses, like it should, but the email body is empty in all cases. 

This is the query which I use to send the email (the searchquery is above these line's, it's output is user_name, fullname and email):

|table user_name fullname email 
|map maxsearches=5000 search=" stats count
|eval email=\"$email$\"
|eval fullname=\"$fullname$\"
|table fullname email 
|sendemail to=$result.email$  subject="Subject" message=\"Dear colleague, XXXXXX Kind regards, Tim\" sendresults=true inline=true"

The query was created by a colleague of mine, who I can't ask for help anymore since he moved to a different company. Not sure what's wrong with this query. I tried to search the Splunk community and net, but was not able to come up with a solution by myself.

0 Karma
Reply
Get Updates on the Splunk Community!

Data Management Digest – November 2025

  Welcome to the inaugural edition of Data Management Digest! As your trusted partner in data innovation, the ...

Splunk Mobile: Your Brand-New Home Screen

Meet Your New Mobile Hub  Hello Splunk Community!  Staying connected to your data—no matter where you are—is ...

Introducing Value Insights (Beta): Understand the Business Impact your organization ...

Real progress on your strategic priorities starts with knowing the business outcomes your teams are delivering ...