All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

IMAPmailbox index returns 0 event

dannili
Communicator
‎08-26-2018 11:51 PM

Hi all, I have an OUTLOOK email account that receives real-time email notifications on PC backup and I wanna index all these emails into my installed IMAPmailbox APP for data analysis and visualization. But now my index=mail return 0 events. Could someone help me with this?

In my inputs.conf , I only changed unix systems disabled attribute to true and windows one to false. Also, I modified configuration using Splunk UI and checked the imap.conf. These all looks normal.

[IMAP Configuration]
debug = 0
deleteWhenDone = 1
disabled = 0
fullHeaders = 0
includeBody = 1
noCache = 0
port = ****
server = ****p
useSSL = 1
user = *****notification@oworkspace.onmicrosoft.com

Also, not sure if this is related but the inbox of the email account receives 0 emails. All notifications are shown in the Status Report section as the same level of Inbox. They are divided into Success, Failed, Warning and Test.

But still my search returns nothing and I would like to know if extra modifications need to be done for this to wok? Thanks for your help!

*******UPDATE************
just saw this question and the solution was to change 0 and 1 to characters, I just tried but nothing changed. Any other ideas? Also, if the server value is server name but not ip address it's still working right?

reference answer

0 Karma
Reply
Get Updates on the Splunk Community!

Data Management Digest – December 2025

Welcome to the December edition of Data Management Digest! As we continue our journey of data innovation, the ...

Index This | What is broken 80% of the time by February?

December 2025 Edition   Hayyy Splunk Education Enthusiasts and the Eternally Curious!    We’re back with this ...

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Hello Splunk Community,   We're thrilled to share an exciting update that will help you manage your data more ...