Hello splunk users,
I am trying to modify the structure format of the e-mail alerts that I am receiving to XML or other other format. This would help me to be able to grab easier the required fields in order to automatically create tickets. For the time, configuration of alerts gives me a "table" in the email with fields such as user,number of failures and host. So, sendemail.py is the file that sends the e-mail, however, the table does not seem to be structured inside that file nor the value of the variables. Hence, I cannot modify it from there, I think.
Are there any suggestions, or other proposals?
Thanks, Evang