API Stability Long-Term

The updateEmailAction() GraphQL mutation may be used to update an email action in LogScale.

For more information on creating email actions, see the Action Type: Email documentation page. You may also want to look at the Actions page for related information.

Syntax

Below is the syntax for the updateEmailAction() mutation field:

graphql
updateEmailAction(
     input: UpdateEmailAction!
   ): EmailAction!

Below is an example of how this mutation field might be used:

Raw
graphql
mutation {
  updateEmailAction( input:
     { viewName: "humio",
       name: "WakeUp",
       id: "TnerUkLClqEQsANYk0ZYh8ZdpKvFXVHL"
       recipients: ["bob@company.com", "ted@company.com" ],
       useProxy: false
    } 
  )
  { name }
}
Mac OS or Linux (curl)
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  updateEmailAction( input:
     { viewName: \"humio\",
       name: \"WakeUp\",
       id: \"TnerUkLClqEQsANYk0ZYh8ZdpKvFXVHL\"
       recipients: [\"bob@company.com\", \"ted@company.com\" ],
       useProxy: false
    } 
  )
  { name }
}"
}
EOF
Mac OS or Linux (curl) One-line
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  updateEmailAction( input:
     { viewName: \"humio\",
       name: \"WakeUp\",
       id: \"TnerUkLClqEQsANYk0ZYh8ZdpKvFXVHL\"
       recipients: [\"bob@company.com\", \"ted@company.com\" ],
       useProxy: false
    } 
  )
  { name }
}"
}
EOF
Windows Cmd and curl
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "mutation { ^
  updateEmailAction( input: ^
     { viewName: \"humio\", ^
       name: \"WakeUp\", ^
       id: \"TnerUkLClqEQsANYk0ZYh8ZdpKvFXVHL\" ^
       recipients: [\"bob@company.com\", \"ted@company.com\" ], ^
       useProxy: false ^
    }  ^
  ) ^
  { name } ^
}" ^
} '
Windows Powershell and curl
powershell
curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "mutation {
  updateEmailAction( input:
     { viewName: \"humio\",
       name: \"WakeUp\",
       id: \"TnerUkLClqEQsANYk0ZYh8ZdpKvFXVHL\"
       recipients: [\"bob@company.com\", \"ted@company.com\" ],
       useProxy: false
    } 
  )
  { name }
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"
Perl
perl
#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $query = "mutation {
  updateEmailAction( input:
     { viewName: \"humio\",
       name: \"WakeUp\",
       id: \"TnerUkLClqEQsANYk0ZYh8ZdpKvFXVHL\"
       recipients: [\"bob@company.com\", \"ted@company.com\" ],
       useProxy: false
    } 
  )
  { name }
}";
$query =~ s/\n/ /g;
my $json = sprintf('{"query" : "%s"}',$query);
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";
Python
python
#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "mutation {
  updateEmailAction( input:
     { viewName: \"humio\",
       name: \"WakeUp\",
       id: \"TnerUkLClqEQsANYk0ZYh8ZdpKvFXVHL\"
       recipients: [\"bob@company.com\", \"ted@company.com\" ],
       useProxy: false
    } 
  )
  { name }
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)
Node.js
javascript
const https = require('https');

const data = JSON.stringify(
    {"query" : "mutation {
  updateEmailAction( input:
     { viewName: \"humio\",
       name: \"WakeUp\",
       id: \"TnerUkLClqEQsANYk0ZYh8ZdpKvFXVHL\"
       recipients: [\"bob@company.com\", \"ted@company.com\" ],
       useProxy: false
    } 
  )
  { name }
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL',
  path: 'graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();
Example Responses
Success (HTTP Response Code 200 OK)
json
{
  "data": {
    "updateEmailAction": {
      "name": "WakeUp"
    }
  }
}

Given Datatypes

For UpdateEmailAction, there are several parameters that may be given. Below is a list of them along with a description of each:

Table: UpdateEmailAction

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Mar 28, 2025
attachCsvboolean falseLong-TermWhether the result set should be be attached as a CSV file.
bodyTemplatestring  Long-TermBody of the email. Can be templated with values from the result.
idstringyes Long-TermThe unique identifier of the action.
namestringyes Long-TermThe name of the action.
recipients[string]yes Long-TermList of email addresses where to send an email.
subjectTemplatestring  Long-TermSubject of the email. Can be templated with values from the result.
useProxybooleanyes Long-TermDefines whether the action should use the configured proxy to make web requests.
viewNamestringyes Long-TermThe name of the view of the action.

Returned Datatypes

The returned datatype EmailAction has several parameters. Below is a list of them along with a description of each:

Table: EmailAction

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Sep 30, 2025
allowedActions[AssetAction]yes Short-TermThe allowed asset actions. See AssetAction . This is a preview feature. Changes may occur.
attachCsvbooleanyes Long-TermWhether the result set should be attached as a CSV file.
bodyTemplatestring  Long-TermBody of the email. Can be templated with values from the result.
createdInfoAssetCommitMetadata  Long-TermMetadata related to the creation of the action. See AssetCommitMetadata.
displayNamestringyes Long-TermThe display name of the action.
idstringyes Long-TermThe unique identifier of the action.
isAllowedToRunbooleanyes Long-TermFalse if this type of action is disabled because of a security policy.
labels[string]  PreviewThe labels associated with the action, if any.
modifiedInfoAssetCommitMetadata  Long-TermMetadata related to the latest modification of the action. See AssetCommitMetadata.
namestringyes Long-TermThe name of the action.
packagePackageInstallation  Long-TermThe package which the action is part. See PackageInstallation.
packageIdVersionedPackageSpecifier  Long-TermThe package version. VersionedPackageSpecifier is a scalar.
recipients[string]yes Long-TermList of email addresses to send an email.
requiresOrganizationOwnedQueriesPermissionToEditbooleanyes Long-TermTrue if this action is used by triggers, where the query is run by the organization. If true, then the OrganizationOwnedQueries permission is required to edit the action.
resourcestringyes Short-TermThe resource identifier for the action.
subjectTemplatestring  Long-TermSubject of the email. Can be templated with values from the result.
useProxybooleanyes Long-TermDefines whether the action should use the configured proxy to make web requests.
yamlTemplateYAMLyes Long-TermA template that can be used to recreate the action. YAML is a scalar.