Alerting
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Backgrounded jobs don't send email alerts out when completed.

davidpaper
Contributor
‎06-13-2013 01:20 PM

For a long backgrounded job, it would be really useful to be able to get an alert sent out when it is done. Doesn't appear that my Splunk instances does this.

Emails for scheduled searches that generate alerts work just fine, so I know the email server path is fully functional.

If it makes a difference, all of our user auth is done via LDAP.

Any suggestions on ways to get this to work?

Tags (3)
Reply
1 Solution
Solved! Jump to solution
Solution

jtrucks
Splunk Employee
Splunk Employee
‎06-13-2013 01:22 PM

This works for non-LDAP instances by simply entering the email address in the user's Splunk local account profile. This automagically works in those cases.

As for LDAP, perhaps if the correct field name is proffered to Splunk from LDAP it would correctly populate the email address field.

--
Jesse Trucks
Minister of Magic

View solution in original post

Reply
Solved! Jump to solution
Solution

jtrucks
Splunk Employee
Splunk Employee
‎06-13-2013 01:22 PM

This works for non-LDAP instances by simply entering the email address in the user's Splunk local account profile. This automagically works in those cases.

As for LDAP, perhaps if the correct field name is proffered to Splunk from LDAP it would correctly populate the email address field.

--
Jesse Trucks
Minister of Magic
Reply
Solved! Jump to solution

antlefebvre
Communicator
‎07-11-2013 10:51 AM

I have an open case with Splunk on this. No way to currently import email via LDAP. No ETA on fix.

0 Karma
Reply
Solved! Jump to solution

jtrucks
Splunk Employee
Splunk Employee
‎07-11-2013 09:16 AM

I'm told that LDAP configurations often don't provide splunk with the right named field for email propogation, which is the likely cause of your issue.

--
Jesse Trucks
Minister of Magic
0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...