Splunk Dev
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Email Settings | TLS Handshake

socespap
Explorer
‎01-22-2019 10:05 AM

Hi Splunk Community,

I am trying to setup a TLs communication btw Splunk Entreprise and an email server for sending alerts. Based on three available options - None | SSL | TLS, only none is working properly.

when chose TLS I received the following error "ERROR:root:STARTTLS extension not supported by server. while sending mail to"

01-22-2019 17:57:57.138 +0000 ERROR ScriptRunner - stderr from '/opt/splunk/bin/python /opt/splunk/etc/apps/search/bin/sendemail.py "results_link=https://uh0014:8443/app/search/@go?sid=rt_scheduler__vile__search__RMD50843376f462c8b90_at_154817958..." "ssname=Errors reported (Real Time)" "graceful=True" "trigger_time=1548179876" results_file="/opt/splunk/var/run/splunk/dispatch/rt_scheduler_vilesearch_RMD50843376f462c8b90_at_1548179587_6.45/results.csv.gz"': ERROR:root:STARTTLS extension not supported by server. while sending mail to:

On alert_action.conf file I have the following
[email]
mailserver = smtp.XXXXX
pdf.header_left = none
pdf.header_right = none
use_tls = 1
sslVersions = tls1.2
sslVerifyServerCert = true
use_ssl = 0
from = noreply_siem@XXXXX
reportPaperSize = a4

Any tip?

Sincerely

VML

Tags (1)
Reply

driva
Path Finder
‎01-07-2020 01:11 AM

Hi VML,

I had a similar issue when using Office 365 SMTP settings. Usually it is enough to specify smtp.office365.com however I got the same error as yourself. Try adding the port number at the end of the address within Email Settings.

e.g. smtp.office365.com:587 (587 is default). For Office 365 this works with TLS enabled.

Best wishes,

Dan

0 Karma
Reply

evelenke
Contributor
‎09-17-2019 01:40 AM

Hi, did you resolve this?

0 Karma
Reply

orion44
Communicator
‎02-17-2019 08:26 PM

Same error here, unable to send any emails from Splunk Enterprise.

0 Karma
Reply
Get Updates on the Splunk Community!

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...