All Apps and Add-ons

Sendresults App: what is the minimal user capability needed to use your sendresults app in Splunk Ent. version 7.2.1.

apietersen
Contributor

Hi,

Sendresults App: what is the minimal user capability needed to use your sendresults app in Splunk Ent. version 7.2.1
With user account admin no problems. Any other user throws a error message. When giving that user only "edit-all-objects" capability it works again, but this feels to much for a regular user. No information found what the essential capabilities re for this app.

We need to use some email-forms and the ssearch start with: | makeresults | eval .....| sendresults

somebody a clue?

regards Ashley Pietersen

0 Karma

brimarwells
New Member

This exception is raised when the server unexpectedly disconnects, or when an attempt is made to use the python mail SMTP instance before connecting it to a server. Clients sending outgoing mail should connect on port 587 and use starttls. To use port 465, you need to call smtplib.SMTP_SSL(). Currently, it calls smtplib.SMTP() .. so,change your PORT from 465 into 587 it. Also, you'll need to send the ehlo command before the starttls command, then again after the starttls command.

 

0 Karma

apietersen
Contributor

Please note: we send via an Office365 email-account

0 Karma

apietersen
Contributor

Btw this is the error-message when using a regular user-account using the search code:

| makeresults
| eval email_to="(valid-email-address)", email_subj="testing" , email_body="testing"
| sendresults

Error-message:

command="sendresults", Error : Traceback: Traceback (most recent call last): File "C:\Program Files\Splunk\etc\apps\sendresults\bin\sendresults.py", line 261, in sendemail(recipient, recipient_list[recipient].get('email_subj') , outbound, argvals) File "C:\Program Files\Splunk\etc\apps\sendresults\bin\sendresults.py", line 116, in sendemail smtp.sendmail(sender, string.split(recipient, ","), message) File "C:\Program Files\Splunk\Python-2.7\Lib\smtplib.py", line 736, in sendmail self.rset() File "C:\Program Files\Splunk\Python-2.7\Lib\smtplib.py", line 470, in rset return self.docmd("rset") File "C:\Program Files\Splunk\Python-2.7\Lib\smtplib.py", line 395, in docmd return self.getreply() File "C:\Program Files\Splunk\Python-2.7\Lib\smtplib.py", line 369, in getreply raise SMTPServerDisconnected("Connection unexpectedly closed") SMTPServerDisconnected: Connection unexpectedly closed

0 Karma

mockd
Path Finder

Hi,

Thanks for posting about this issue. It's going to need a bit more investigation but I was able to reproduce the same issue.

It looks like the sendemail command also has some issues with lesser capabilities as well.

I'll do some testing and see if there is something we need to change in sendresults and/or what permissions need to be applied.

Derek.

0 Karma

apietersen
Contributor

Thanks Derek,
If I find some more details I will post it here..

0 Karma
Get Updates on the Splunk Community!

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...