Deployment Architecture
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Email Utility on UNIX Box for Splunk

rohitvjoshi
Path Finder
‎01-15-2019 11:20 PM

Hi Splunkers ,

We have tried to set Alert in Deployment manger to email address ,we have done all the set up in splunk related to Email setting i.e.-SMTP Server. we have done same configuration in Search Heads as well . We are getting alert email via Search Heads but not from Deployment Managers.We also checked the logs for related to triggerd alert , they having same configuration.

My Question is related to UNIX BOX , Do we need to install the EMAIL UTILITY in UNIX BOX where we have installed the Splunk OR do we require UNIX EMAIL utility to trigger mails apart from splunk email settings.

Thanks
Rohit

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

burwell
SplunkTrust
SplunkTrust
‎01-15-2019 11:44 PM

Hello @rohitvjoshi Can you tell us what you mean by a deployment manager? If you mean deployment server and they have the alert_actions.conf pointing to SMTP server that the deployment server can talk to, this should work. I do that very thing.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

burwell
SplunkTrust
SplunkTrust
‎01-15-2019 11:44 PM

Hello @rohitvjoshi Can you tell us what you mean by a deployment manager? If you mean deployment server and they have the alert_actions.conf pointing to SMTP server that the deployment server can talk to, this should work. I do that very thing.

0 Karma
Reply
Solved! Jump to solution

rohitvjoshi
Path Finder
‎01-16-2019 03:29 AM

@Burwell --Its Deployment server only , I have added configuration under alert_actions.conf but it is not working while i have done same for Search Heads, it working perfect. My Question is related to UNIX BOX , do we need to add email utility in unix box ?

0 Karma
Reply
Solved! Jump to solution

burwell
SplunkTrust
SplunkTrust
‎01-16-2019 03:40 PM

Splunk uses the standard email.

Can you try running sendemail on your deployment server per the example here https://docs.splunk.com/Documentation/Splunk/7.2.3/SearchReference/Sendemail

It could be your mail server won't take mail from the deployment server.

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...