I want to pass dynamic value from my search result into email alert subject. I try $result.fieldname$ but it not coming up in the email alert can someone help me? Thanks
Hello Splunk friends,
I'm trying to send a report from Splunk that contains an attached report.
The email subject needs to be last months date, i.e. "My Report Name _ Mar_22", and the same for t...
I am producing data like this in an alert that will throw an email, which is needed. I'm attempting to control the email Subject and Message. I need to make an adjustment though. If all of the s...
Is it possible to add data from a search to the subject line of an email alert? Currently the subject defaults to the name of the saved search, I would also like to append the host name to the subject...
I'm trying to add the hostnames that result from a search to the email subject of an alert but currently I'm only able to have 1 hostname in the subject when I use $result.host$. For example if the s...
When I ran the following query:
index="myindex" sourcetype="hamlet" environment=staging
| top limit=10 client
| eval percent = round(percent)
| rename client AS "Users", count AS ...
In the docs, it says
You can enter a subject header for the email (by default it is set to be Splunk Alert: $name$, where $name$ is replaced by the saved search name)
Is there a list of o...
Hi Splunkers! Im running a very simple query to get the subject of all the emails we are getting. Something like this: index=o365_email_data |table Subject Results look like this: Subject...
I'm configured an Alert to send mail whenever Error type is triggered in windows event log. I need to customize subject for that alert like server name, event type, event ID in mail. For Example: A...
I am using below query to fetch Incident from the subject line:— rex field=subject max_match=0 “(?<Incident>INC\d+)” however, for below subject line i am unable to fetch incident:— [S...