10-03-2016 16:05:02.937 +0000 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-mailclient/bin/mail.py" ERRORlocal variable 'e' referenced before assignment

I'm running Splunk 6.5.0 now btw.

Yeah. One minute. my error.Will re-load in 5

thanks, let me know.

Fixed and tested. Uploaded 0.4.8

This error doesn't show up anymore, but index=mail is still empty, and while mail.py is scheduled to run, it doesn't seem to error (it just INFO when it starts); would you have the magic string to run it from command line perhaps?

tcpdump on the imap port shows that the communication is established (in my case with imap.google.com) but ends up after a few seconds; it's SSL so I can't easily know what went through in the exchange itself.

sorry I meant imap.gmail.com

I just tried it on mine for POP3 and IMAP, and it works alright. What interval do you have the input setup to poll the server?

I just moved it to every 15 minutes for troubleshooting; but there's not much to troubleshoot.

Nothing shows when you do this?
index=_internal sourcetype=splunkd component=ExecProcessor mail.py log_level=INFO?

I'll try this using this for a gmail account tonight. And let you know if i find any issues using gmail.

10-03-2016 18:45:00.908 +0000 INFO ExecProcessor - New scheduled exec process:
python /opt/splunk/etc/apps/TA-mailclient/bin/mail.py
10-03-2016 18:45:00.302 +0000 INFO ExecProcessor - message from "python /opt/sp
lunk/etc/apps/TA-mailclient/bin/mail.py" Password entity created - mail\xxx@
gmail.com.
10-03-2016 18:45:00.002 +0000 INFO ExecProcessor - setting reschedule_ms=899998
, for command=python /opt/splunk/etc/apps/TA-mailclient/bin/mail.py
10-03-2016 18:43:57.488 +0000 INFO ExecProcessor - New scheduled exec process:
python /opt/splunk/etc/apps/TA-mailclient/bin/mail.py
10-03-2016 18:41:09.671 +0000 INFO ExecProcessor - New scheduled exec process:
python /opt/splunk/etc/apps/TA-mailclient/bin/mail.py

You could try setting the ExecProcessor to Debug, and see what you find int he logs.

/opt/splunk/bin/splunk set log-level ExecProcessor -level DEBUG

Last run ( I removed my email address with xxx 😞

query: index=_internal sourcetype=splunkd component=ExecProcessor mail.py

results:

10-03-2016 18:30:00.346 +0000 INFO ExecProcessor - message from "python /opt/sp
lunk/etc/apps/TA-mailclient/bin/mail.py" Got credentials from endpoint - Usernam
e(xxx@gmail.com)
10-03-2016 18:30:00.002 +0000 INFO ExecProcessor - setting reschedule_ms=899998
, for command=python /opt/splunk/etc/apps/TA-mailclient/bin/mail.py

I've deleted the input, recreated it, and the relevant query now displays:
(notice that my email address is prepended with \ not = as it was before?)

10-03-2016 18:45:00.908 +0000 INFO ExecProcessor - New scheduled exec process: python /opt/splunk/etc/apps/TA-mailclient/bin/mail.py
10-03-2016 18:45:00.302 +0000 INFO ExecProcessor - message from "python /opt/splunk/etc/apps/TA-mailclient/bin/mail.py" Password entity created - mail\xxx@gmail.com.
10-03-2016 18:45:00.002 +0000 INFO ExecProcessor - setting reschedule_ms=899998, for command=python /opt/splunk/etc/apps/TA-mailclient/bin/mail.py
10-03-2016 18:43:57.488 +0000 INFO ExecProcessor - New scheduled exec process: python /opt/splunk/etc/apps/TA-mailclient/bin/mail.py
10-03-2016 18:41:09.671 +0000 INFO ExecProcessor - New scheduled exec process: python /opt/splunk/etc/apps/TA-mailclient/bin/mail.py

Thanks will test

Do let me know how you get along with the update.

Hi Jibanes,

I'll add this in over the next week and test, and I'll release an update. It'll log as INFO. Should also include support for more special characters in the password field.

Cheers

did you have a chance to look into this?