Thanks mikeshimkus, I think that might help - I'll try to work out if I can get the specific report I need using the create API syntax.
I had another idea of using the tcl "exec" command to call my TMSH command:
exec tmsh send-mail analytics application-security report view-by attack-type measures { } drilldown { { entity policy values { /my_partition/vs-mysite } } { entity severity values { Critical } } { entity violation values { "Attack signature detected" } } } range now-1w format pdf email-addresses { me@company.com }
It's a little messy but does the job. The problem is that tcl doesn't like to execute it - I think I need to work out a way of escaping all the characters etc. that it doesn't like. No luck so far though!
Any ideas?