Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

What is the complete list of tokens available for the message in the new 6.1 alerts?

raoul
Path Finder
‎05-12-2014 01:21 AM

I cannot find a complete list of the tokens that are available for the message text in the new Splunk v6.1 alert system.

The online help has some examples like $job.resultCount$ but I cannot find a complete list.

Labels (1)
Labels
Tags (2)
Reply
1 Solution
Solved! Jump to solution

matthewhaswell
Path Finder
‎08-10-2017 04:32 AM

In case anyone else's search brings them here first - the new token documentation is here: http://docs.splunk.com/Documentation/Splunk/6.6.2/Alert/EmailNotificationTokens

Reply
Solved! Jump to solution

rivium_ro_mc
Explorer
‎03-31-2022 09:57 PM

Slight update to this link to reflect a more recent version of Splunk: https://docs.splunk.com/Documentation/Splunk/8.2.5/Alert/EmailNotificationTokens

Quick Reference:

Search Name: $name$
Search Description: $description$
Results Link (reports & alerts): $results_link$
Search String: $search$
Link to saved search: $view_link$

Fields: $result.fieldname$

Job Details

$job.earliestTime$Initial job start time
$job.eventSearch$Subset of the search that appears before any transforming commands
$job.latestTime$Latest time recorded for the search job
$job.messages$List of error and debug messages generated by the search job
$job.resultCount$Search job result count
$job.runDuration$Time, in seconds, for search job completion
$job.sid$Search ID
$job.label$Search job name


Dashboard Label$dashboard.label$
Dashboard Description: $dashboard.description$

 

 

Reply
Solved! Jump to solution

SteveIves1
Engager
‎05-23-2023 02:06 AM

The documentation about the use of tokens talks about using them in emails. Can they be used in other alert integrations such as Moogsoft?

0 Karma
Reply
Solved! Jump to solution

matthewhaswell
Path Finder
‎08-10-2017 04:33 AM

This link now redirects to the main splunk doc page.

0 Karma
Reply
Get Updates on the Splunk Community!

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

Tuesday, May 14, 2024  |  11AM PT / 2PM ET Register to Attend Join us for this Tech Talk and learn how to ...

.conf24 | Personalize your .conf experience with Learning Paths!

Personalize your .conf24 Experience Learning paths allow you to level up your skill sets and dive deeper ...

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...

WATCH NOWAs AI starts tackling low level alerts, it's more critical than ever to uplevel your threat hunting ...