Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Sendemail query: How to send email to individual owners with servers details, who's status is shown as "MISSING"?

raomu
Explorer
‎02-20-2018 01:02 PM

Hello,

I have a resultant data like this:

Server Name    Status      Location      Owner   Email Id 

A-Z1           Missing.    Spain.          AAA        AAA@domain.com
A-Z2           Active      Japan           BBB        BBB@domain.com
A-Z3           Missing     Japan           CCC.       CCC@domain.com

I want to send email to individual owners with servers details, who's status is shown "MISSING"

0 Karma
Reply

elliotproebstel
Champion
‎02-20-2018 01:14 PM

This should get you started:

[ your current search ]
| search Status="Missing"
| map 
 [| sendemail to="$EmailID$" subject="subject line" from=youremail@whatever.com message="Your server status is MISSING"  ]

This is an adaptation from an old post: https://answers.splunk.com/answers/186045/how-can-i-use-a-combination-of-map-and-sendemail-t.html

0 Karma
Reply

thambisetty
SplunkTrust
SplunkTrust
‎04-26-2020 05:55 AM

I tried its not working

getting below warning

2020-04-26 16:52:22,953 +0400 WARNING sendemail:1505 - search results is empty, no email will be sent

————————————
If this helps, give a like below.
0 Karma
Reply
Get Updates on the Splunk Community!

Index This | I’m short for "configuration file.” What am I?

May 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with a Special ...

New Articles from Academic Learning Partners, Help Expand Lantern’s Use Case Library, ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Your Guide to SPL2 at .conf24!

So, you’re headed to .conf24? You’re in for a good time. Las Vegas weather is just *chef’s kiss* beautiful in ...