Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Email Input

cjaramilloc
Explorer
‎08-26-2020 03:27 PM

Hello Splunkers,

I'm wondering the best way to index an email. Not email server logs, the actual mail.

There are a couple apps that maybe help with this but they are very old:

https://splunkbase.splunk.com/app/3200/

https://splunkbase.splunk.com/app/1739/

Has anyone already did this? Any advice?

Christian

Tags (2)
0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎08-26-2020 09:51 PM

Hi

at least IMAPMailbox is working with splunk 7.3.x, but not anymore whit splunk 8 without rewriting it to support python 3.

r. Ismo

0 Karma
Reply

cjaramilloc
Explorer
‎08-27-2020 10:05 AM

I'm using Splunk 8. That's why I need an updated solution. 😕

0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎08-27-2020 10:57 AM

One “temporary” solution is set up a HF (with 7.3.x) where run this until someone get better solution. 
r. Ismo

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...