Let me clarify: When you say "color", you are talking about converting percentage text to a string representation of color code, not to color the percentage text in E-mail alert. Correct? In other words, you want something like
| Name | color | percentage |
| A | red | 71 |
| B | amber | 90 |
| C | red | 44 |
| D | amber | 88 |
| E | red | 78 |
Because while potentially doable (and likely will involve a custom command you need to develop externally), Splunk doesn't provide such a function to color text used in E-mail alerts. If this is the correct requirement, look up documentation for case
I further assume that your "percentage" field doesn't come with a percent sign (%); if you want that % in E-mail, you can always add it after color mapping.
| eval color = case(percentage < 80, "red", percentage < 95, "amber", true(), "green")
Here is a data emulation you can play with and compare with real data
| makeresults format=csv data="Name, percentage
A, 71%
B, 90%
C, 44%
D, 88%
E, 78%"
| eval percentage = replace(percentage, "%", "")
``` data emulation above ```
Hope this helps.
