Reporting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

What the SPLUNK?

jon_yarbrough
New Member
‎11-17-2011 08:53 AM

hi everyone, i'm new to Splunk and i've read through the tons of forums and i can't find the solution to my problem. what i'm trying to do is to change the headers and the information that is shown when an email alert is sent to me with the errors that i determined i would like to view. i have no idea where i can find the headers or where/how to create a custom search result. do i need to create a script or something and if i do, where does the script go? does it go in the scripts folder on the SPLUNK server or on the web base UI?

Tags (1)
0 Karma
Reply

gekoner
Communicator
‎11-17-2011 10:14 AM

In the WebGUI go to Manager --> Searches and Reports. Either create a new Saved Search (I wasn't sure if you had already created one or not) or edit the search you want change the email notification for.
Under the Schedule and alert section, mark the check-box labeled Schedule this search
You should then see all of the fields available for you to edit.
Under Alert actions, find Send email, and mark the check-box that says "Enable"

You can then modify the Email subject, Email address(es), and what to include in the results of your email.
For more options and functionality see this post -http://splunk-base.splunk.com/answers/621/email-alert-subject

Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...