Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Duplicate "Send Email" option in Splunk Enterprise 7

splunkdivya
Explorer
‎12-17-2019 01:37 AM

Having duplicate "Send Email" options on Splunk 7 Enterprise, not sure what causing it:
PFB the screenshot
alt text

Any pointers are highly appreciated.
- Best,
- Splunkdivya

Preview file
1 KB
0 Karma
Reply

DavidHourani
Super Champion
‎12-17-2019 01:46 AM

Hi @splunkdivya,

Seems like you have a duplicate configuration for your send email modular alert action.

Have a read here in case you don't know how modular alerts work :
https://docs.splunk.com/Documentation/SplunkCloud/latest/AdvancedDev/ModAlertsIntro

In order to resolve this, search on your SH for alert_actions.conf and identify the location of the duplicate send email action. Once that's done all you have to do is get rid of it and you'll be back to a single action.

Let me know if that helps.

Cheers,
David

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Updates (ESCU) - New Releases

In the last month, the Splunk Threat Research Team (STRT) has had 3 releases of new content via the Enterprise ...

Thought Leaders are Validating Your Hard Work and Training Rigor

As a Splunk enthusiast and member of the Splunk Community, you are one of thousands who recognize the value of ...

.conf23 Registration is Now Open!

Time to toss the .conf-etti 🎉 —  .conf23 registration is open!   Join us in Las Vegas July 17-20 for ...