Reporting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Remove query from Emails

Hazel
Communicator
‎08-20-2010 05:11 PM

Hello,

Is there a way to remove the splunk query from the email that is sent out? A lot of our emails go out to users, so we just want them to see the table of results and don't want them to get confused with the query that we ran.

I see an option to include the results. Is there no option to exclude the splunk query?

Thanks Hazel

Tags (1)
Reply

DerekB
Splunk Employee
Splunk Employee
‎05-22-2014 04:23 PM

Starting in Splunk 6.1, this ability is built into the product. Edit your search and look under the "Click to edit email action" link in the "Alert Actions" section. It's a simple check box you can uncheck. It's in the picture in step 4.

http://docs.splunk.com/Documentation/Splunk/6.1.1/Alert/Setupalertactions

Reply

jcrane
Explorer
‎02-21-2013 01:17 PM

I have read the other posts for this as well as this one and the answers are not good ones. This should be an option in the UI.

0 Karma
Reply

Stephen_Sorkin
Splunk Employee
Splunk Employee
‎08-20-2010 05:24 PM

Unfortunately there's no well supported way of doing this, but it's a good enhancement request to forward on to Customer Support.

If you are feeling daring, you can modify $SPLUNK_HOME/etc/apps/search/bin/sendemail.py which renders emails. Note that any modifications will be overwritten on upgrade.

Reply

southeringtonp
Motivator
‎09-17-2010 09:22 PM

If you do modify the script, DON'T modify it in-place. Instead, make a copy and override the sendemail command in the search app. There has been some discussion along these lines in some older threads, including this one -- http://answers.splunk.com/questions/6423/how-to-change-default-alert-smtp-port

0 Karma
Reply
Get Updates on the Splunk Community!

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer at Splunk .conf24 ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...