Alerting

How to configure email alert using gmail smtp?

Motivator

Hi

I was trying to configure email alert to deliver scheduled saved search result.
The SMTP server I was trying to use is gmail SMTP.

The configuration in Email alert settings -> Mail Server Settings is:

Mail Host -> smtp.gmail.com:465
# Enable SSL checked

Username -> @gmai.com
Password ->
...

Is there any misconfiguration or limitation of SMTP server?
Does anyone know how to use gmail SMTP with splunk email alering?

Thank you!

Tags (1)
1 Solution

Path Finder

Hi,
What works for me is to use port 587 and use TLS in place of SSL.

If you try to test using the "sendemail" search command then I found that it does not seem to pick up every setting from alert_actions.conf file so I had to specify some of them for it to start working. This includes the undocumented argument "use_tls" which you can find in the sendemail.py script.

The following search worked for me and I then used these settings in alert_actions.conf (configured through the UI):
index=_internal | head 1 | sendemail to="name@my.email.domain" format="html" server=smtp.gmail.com:587 use_tls=1

View solution in original post

Contributor
0 Karma

Path Finder

Contributor

@sherm77 kudos coming your way!

0 Karma

Communicator

Thanks @himynamesdave for sharing the updated link

0 Karma

New Member

Hi, I'm getting error as "command="sendemail", [Errno 11001] getaddrinfo failed while sending mail to: xxxx.xxxx@gmail.com.
I'hv faced to same error [Errno 11001] while testing integration with servicenow with the help of servicenow app. I think there is something wrong with my system settings? Can you please help.

Python log shows below error-
2013-10-28 19:06:29,036 DEBUG Preloading from 'C:\Program Files\Splunk\var\run\splunk\merged\web.conf'.
2013-10-28 19:06:29,038 DEBUG simpleRequest > GET https://127.0.0.1:8089/servicesNS/nobody/search/admin/alert_actions/email [] sessionSource=direct
2013-10-28 19:06:29,448 DEBUG simpleRequest < server responded status=200 responseTime=0.4110s
2013-10-28 19:06:29,457 ERROR Sending email. subject="Splunk Results", results_link="None", recipients="['XXXX.XXXXx@gmail.com']"

0 Karma

Path Finder

Hi,
What works for me is to use port 587 and use TLS in place of SSL.

If you try to test using the "sendemail" search command then I found that it does not seem to pick up every setting from alert_actions.conf file so I had to specify some of them for it to start working. This includes the undocumented argument "use_tls" which you can find in the sendemail.py script.

The following search worked for me and I then used these settings in alert_actions.conf (configured through the UI):
index=_internal | head 1 | sendemail to="name@my.email.domain" format="html" server=smtp.gmail.com:587 use_tls=1

View solution in original post

Motivator

Thanks for answers and tips!

0 Karma

Path Finder

Oh and when you test the Scheduled Alert, don't forget to disable it so you don't get 50 alert emails in your inbox 😉

0 Karma