Splunk Cloud Platform
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to include full log in Splunk alert message ?

splunker_899
Engager
‎10-06-2022 08:04 PM

How to include a full log-in Splunk alert message?

Labels (1)
Labels
Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

chaker
Contributor
‎10-06-2022 11:51 PM

Make sure the field _raw is included in your search results. Then you could use $result._raw$ in an email alert for example.

https://docs.splunk.com/Documentation/Splunk/9.0.1/Alert/Emailnotification

 

View solution in original post

Reply
Solved! Jump to solution
Solution

chaker
Contributor
‎10-06-2022 11:51 PM

Make sure the field _raw is included in your search results. Then you could use $result._raw$ in an email alert for example.

https://docs.splunk.com/Documentation/Splunk/9.0.1/Alert/Emailnotification

 

Reply
Solved! Jump to solution

ITWhisperer
SplunkTrust
SplunkTrust
‎10-06-2022 11:47 PM

_fields are often hidden so you could try renaming _raw to raw

| rename _raw as raw
Reply
Get Updates on the Splunk Community!

Index This | Forward, I’m heavy; backward, I’m not. What am I?

April 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

A Guide To Cloud Migration Success

As enterprises’ rapid expansion to the cloud continues, IT leaders are continuously looking for ways to focus ...

Join Us for Splunk University and Get Your Bootcamp Game On!

If you know, you know! Splunk University is the vibe this summer so register today for bootcamps galore ...