Hi. I'm trying to selectively send emails (using sendemail); if the output of the query is "No results found" or "No results", I don't want to send emails.
here's my cli command:
splunk search "|savedsearch hello|sendemail email@example.com firstname.lastname@example.org sendresults=true format=html inline=true subject=splunk_log"
hello is a generic query returning nothing
... View more