Solved: Multiple Email Alert Types

Greg_LeBlanc · ‎03-07-2011

In alerts_actions.conf I can set up my email alert actions. I have it set so the saved search results display as a CSV attachment. Is there any way to have them displayed in-line as well? I've tried playing with "inline=true" but it seems to only allow one way or another.

Just wondering if anyone has figured out a way to do both.

Ledion_Bitincka · ‎03-08-2011

Currently there is no way to do both via config. You could certainly modify sendemail.py - the script that is responsible for sending out the email to inline and attach.

View solution in original post

Ledion_Bitincka · ‎03-08-2011

Currently there is no way to do both via config. You could certainly modify sendemail.py - the script that is responsible for sending out the email to inline and attach.

Greg_LeBlanc · ‎03-08-2011

I'll go ahead and do that! Thanks.

Multiple Email Alert Types

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Detection Engineering Office Hours: Real-World Troubleshooting & Q&A

Developer Spotlight with Mika Borner

Continue Your Federation Journey: Join Session 3 of the Bootcamp Series

Join the Conversation