Alerting
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Alert e-mail has no Date: field

mmather67
Path Finder
‎11-15-2011 04:56 PM

I have gotten alerts to work in Splunk, and they send e-mails. But, unfortunately, there is no Date: field among the e-mail headers.

Almost all other e-mails I get have this Date: field, and it is used to sort them. Without a date, the alerts get sorted to the wrong end of my e-mails, which is not helpful.

I have looked at python.log, and don't notice anything.

What might be wrong?

Tags (2)
0 Karma
Reply

mmather67
Path Finder
‎11-16-2011 08:12 AM

Well, I fixed this myself, by editing splunk/etc/apps/search/bin/sendemail.py.

About line 17, before TIMEOUT=600, I added the line:

from time import strftime, gmtime, time

About line 145, before the comment # Clear leading / trailing whitespace ... I added the line:

message ['Date'] = strftime ("%a, %d %b %Y %H:%M:%S", gmtime (time()))

That seems to work -- now I just have to remember to make a similar change to any update of Splunk.

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Register for .conf25!
Get Updates on the Splunk Community!

.conf25 Global Broadcast: Don’t Miss a Moment

Hello Splunkers, .conf25 is only a click away.  Not able to make it to .conf25 in person? No worries, you can ...

Observe and Secure All Apps with Splunk

 Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

What's New in Splunk Observability - August 2025

What's New We are excited to announce the latest enhancements to Splunk Observability Cloud as well as what is ...