Thank you. That is what I did for now. However, I was hoping to keep the table format. Hopefully, in the future Splunk allows more options and/or customization for emails.

alert search: dvc_plug_success
which is:

index=epo source=epo prod_action=Block threat_type="Device Plug" | eval et_time=strftime(_time, %m/%d/%y %H:%M:%S") | table time, event_id, hostname, ipaddress, domain, username, bus_type, dev_plug_utc, threat_vector, threat_type, product_action, dev_class_name,dev_desc,dev_name,dev_compatible_id, dev_instance_id, pci_vendor_id, pci_device_id, usb_class, usb_vendor_id, usb_product_id, usb_serial, fs_type, fs_state, fs_vol_serial, fs_vol_label

Alert settings are:
alert type: real-time

trigger alert when "Per Result"
Actions: Send Email
Message: default email alerts
To include: link to alert, link to results, Inline: Table, Attach PDF
Type: HTML&Plain Text

Let me know if you need anything else.

YOu've setup a real-time alert, for which the alert type/triggering condition is per result. So if you alert search is generating 10 records, it will send out 10 alerts. I would suggest converting this to scheduled alert (runs with fixed time range and at a frequency) which allows a "once per search" triggering. See this link for more details on those two types of alerts:
https://docs.splunk.com/Documentation/Splunk/7.2.3/Alert/AlertTypesOverview

The problem isn't the records. The issue is that in the emails I want the table to be vertical and not horizontal. If I use the transpose in the search, an email is produced for each field in the table. So there would be an email for time, another for event_id, another for hostname, and so on.