cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
splunkhan
New Member
Member since: ‎04-02-2019
‎10-14-2020
Community Statistics
Posts 3
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎04-02-2019
View All

Re: group results to be emailed to appropriate sup...

by in Splunk Search
‎05-13-2019 11:03 PM
‎05-13-2019 11:03 PM
Hi splunkhan, untested and just making this up, but something like this should work: | lookup host_email.csv | search "error1" OR "error2" OR "error3" OR "error4" OR "exception1" OR "exception2" OR "exception3" | stats count values(_raw) by host | search action.email=1 action.email.to=email_address | map maxsearches=0 search="stats count | fields - count | sendemail from=buttercup@splunk.com to=$action.email$ subject=$alert.subject$ message=$alert.message$ sendresults=true" You might need to modify to work correct, and read about the sendemail command here https://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Sendemail and the map command here https://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Map Hope this helps ... cheers, MuS ... View more

Re: how to search on multiple key/value

by in Splunk Search
‎04-03-2019 11:28 PM
‎04-03-2019 11:28 PM
This solution works as expected! Thank you! ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎10-14-2020 01:48 PM