All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

IMAPmailbox index returns 0 event

dannili
Communicator
‎08-26-2018 11:51 PM

Hi all, I have an OUTLOOK email account that receives real-time email notifications on PC backup and I wanna index all these emails into my installed IMAPmailbox APP for data analysis and visualization. But now my index=mail return 0 events. Could someone help me with this?

In my inputs.conf , I only changed unix systems disabled attribute to true and windows one to false. Also, I modified configuration using Splunk UI and checked the imap.conf. These all looks normal.

[IMAP Configuration]
debug = 0
deleteWhenDone = 1
disabled = 0
fullHeaders = 0
includeBody = 1
noCache = 0
port = ****
server = ****p
useSSL = 1
user = *****notification@oworkspace.onmicrosoft.com

Also, not sure if this is related but the inbox of the email account receives 0 emails. All notifications are shown in the Status Report section as the same level of Inbox. They are divided into Success, Failed, Warning and Test.

But still my search returns nothing and I would like to know if extra modifications need to be done for this to wok? Thanks for your help!

*******UPDATE************
just saw this question and the solution was to change 0 and 1 to characters, I just tried but nothing changed. Any other ideas? Also, if the server value is server name but not ip address it's still working right?

reference answer

0 Karma
Reply
Get Updates on the Splunk Community!

Fall Into Learning with New Splunk Education Courses

Every month, Splunk Education releases new courses to help you branch out, strengthen your data science roots, ...

Super Optimize your Splunk Stats Searches: Unlocking the Power of tstats, TERM, and ...

By Martin Hettervik, Senior Consultant and Team Leader at Accelerate at Iver, Splunk MVPThe stats command is ...

How Splunk Observability Cloud Prevented a Major Payment Crisis in Minutes

Your bank's payment processing system is humming along during a busy afternoon, handling millions in hourly ...