Why is my alert report only showing the first resu... - Splunk Community

Splunk Search

I have this table and I'm trying to send it as a report/alert every morning to our teams chat group

This is how it's getting sent out, its only showing the first result of every row

heres the Query

| webping http://CTXSDC1CVDI041.za.sbicdirectory.com:4444/grid/console | append [ webping http://CTXSDC1CVDI042.za.sbicdirectory.com:4444/grid/console ] | append [ webping http://CTXSDC1CVDI043.za.sbicdirectory.com:4444/grid/console ] | append [ webping http://CTXSDC1CVDI044.za.sbicdirectory.com:4444/grid/console ] | append [ webping http://CTXSDC1CVDI045.za.sbicdirectory.com:4444/grid/console ] | append [ webping http://CTXSDC1CVDI046.za.sbicdirectory.com:4444/grid/console ] | append [ webping http://CTXSDC1CVDI047.za.sbicdirectory.com:4444/grid/console ] | append [ webping http://CTXSDC1CVDI048.za.sbicdirectory.com:4444/grid/console ]| append [ webping http://ctxsdc1cvdi013.za.sbicdirectory.com:4444/grid/console ] | append [ webping http://CTXSDC1CVDI049.za.sbicdirectory.com:4444/grid/console ]| append [
webping http://CTXSDC1CVDI050.za.sbicdirectory.com:4444/grid/console ] | eval timed_out = case(timed_out=="False", "Machine On", timed_out=="True", "Machine Off")

| eval response_code=if(response_code==200, "Hub and Node Up", "Hub and Node Down")
| rex field=url "http:\/\/(?<host_name>[^:\/]+)"
| table host_name response_code timed_out total_time

Get Updates on the Splunk Community!

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...

Adoption of RUM and APM at Splunk

Unleash the power of Splunk Observability Watch Now In this can't miss Tech Talk! The Splunk Growth ...