How to make changes from the GitLab server (not fr...

Alerting

Splunk alerts are being quarantined from an invalid sender. What backend files need to be modified? How can I make changes from the GitLab server (not from Splunk Web) to track changes for a Splunk configuration file: savedsearches.conf for an invalid email sender?

From the Search and Reporting app home page, select Settings > Server settings > Email settings.
Select Mail Server Settings.

you see from field, update from address there.

————————————
If this helps, give a like below.

I am talking about doing it from Linux command line.

I noticed a large number of Splunk alerts in the hosted O365 quarantine (not delivered) because they are using an invalid sender "From: splunk-s". This is not a problem with the tenant configuration where we can whitelist it. O365 needs to see a properly formatted “from” header, e.g. somebody@gmail.com. Is this something that can be adjusted in the Splunk config? It would also be beneficial to remove some of the old recipients from these alerts:

can you elaborate you question?

————————————
If this helps, give a like below.

Please can you tell how I can make changes from gitlab server to track changes for a Splunk configuration file: savedsearches.conf for an invalid email sender? Please I need the step by step process on how to do it. We need to do it from gitlab not from splunk web.

Get Updates on the Splunk Community!

How to make changes from the GitLab server (not from Splunk Web) to track changes for a Splunk configuration file?

alert condition

email

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!