Solved: Re: Can email support two formats?

hjwang · ‎12-01-2010

splunk now supports email format including txt,html,raw,csv. now we wanna send email by html format and sms by raw format in the same saved-research. Can splunk support this? we wrote sms function in sendemail.py to trigger email and sms alert at the same time.Thanks

gkanapathy · ‎12-01-2010

email is sent just by sending the search results to the sendemail.py script. You can simply make a copy and modify this script to create a new custom search command and pipe your results to that new script instead. You could change the default one, but that is actually a bit more involved if you want to avoid your changes being overwritten on upgrades.

View solution in original post

gkanapathy · ‎12-01-2010

email is sent just by sending the search results to the sendemail.py script. You can simply make a copy and modify this script to create a new custom search command and pipe your results to that new script instead. You could change the default one, but that is actually a bit more involved if you want to avoid your changes being overwritten on upgrades.

Lowell · ‎12-01-2010

Anything in "local" should not be overwritten, you are correct; but you run the risk of anything in your "bin" folder being overwritten during an upgrade. Making a new app is fairly simple and I would recommend packaging all of that up within your own app.

hjwang · ‎12-01-2010

That's ok. if i put commands.conf in $splunk_home/etc/apps/search/local directory, theoretically, it should be avoided changes being overwritten on updates, right?

Can email support two formats?

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...

Splunk APM: New Product Features + Community Office Hours Recap!

Index This | Forward, I’m heavy; backward, I’m not. What am I?