Recently, i have created an splunk search alert. It had successfully triggered the alert, while the alert mail sent to the junk mailbox not my inbox. Even though i have whitelisted My Splunk server IP and sender domain in my mail gateway.
What do be done or checked to make the mail send to my inbox?
If your Alerts are hitting Junk Folder, the name with which your emails are being sent doesn't have a domain against it in all certainty. You can add something like ABC Splunk in the Send Email As field of email Settings. That'll direct the emails straight to your inbox.
If my solution solves your problem, please accept it so that others can benefit out of it.
thanks for the answer.
The alert mail delivered to junk mailbox is the SCL value of message header is set as 6, which means the sender is treated as spam in O365......
i simply create a rule in outlook to delivery the alert to inbox.