I have my smtp server configured correctly and have setup and do receive plenty of alerts for scheduled searches. However when I attempt to use the
sendemail command, the following error is displayed:
[Errno 10061] No connection could be made because the target machine actively refused it while sending mail to: email@example.com
The only error I can find in the logs is from var/log/python.log:
2010-07-28 10:18:51,105 ERROR Sending email. subject="Splunk Results", results_link="None", recepients="['firstname.lastname@example.org']"
I haven't been able to find any other errors related to this, and this is the only line in python.log.
I am using sendemail as follows:
my search terms | sendemail email@example.com sendresults=true
Windows Installation, 4.1.3. What am I doing wrong?
The sendemail command by default attempts to use localhost as the SMTP server and ignores the settings used for scheduled search alerts. If you do not have an SMTP server or forwarder installed (which on Windows is quite likely),
sendemail will fail when trying to connect to localhost.
To work around this, specify
sendemail as follows:
my search terms | sendemail firstname.lastname@example.org sendresults=true server=mail.bar.com
Adding the server= command worked for me also. Wasn't aware that the command line would ignore the server wide email settings.
I am getting the following error
command="sendemail", 'rootCAPath' while sending mail to: *****
If your email server enabled the ssl or tls, you need to use the following syntax.
For tls enabled mail server:
For ssl enabled mail server:
For some reason, sendemail.py doesn't use the same parameters as scheduled search.
Setting the server parameters in the GUI (Settings->Server Settings->Email Settings) will get scheduled search to work, but not sendemail.
Saved searches look in users/XXX/search/loca/savedsearches.conf, and then in ./system/local/alert_actions.conf
sendemail from the command line doesn't. Or doesn't seem to. Maybe it does but the configured parameters are being overridden by empty strings from the command line?
Either way, if you don't want to always be typing server=XXX on the command line, one option is to edit sendemail.py and hardcode your server config:
server = ssContent.get('action.email.mailserver', 'localhost')
server = ssContent.get('action.email.mailserver', 'yourhost')