Other Usage
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Why is Splunk alert not firing email?

izzie123
Path Finder
‎06-21-2023 10:57 AM

Hello,

I have set an alert which generates around 50-60 events everyday. I have configured this alert to send mails to my email id, I have been observing that not all events generate emails and the count of the alert events and the mails received mismatches.

The alert mail is not fired intermittently. Can you please suggest some ways to troubleshoot the cause of this problem?

Thanks in advance

Labels (2)
Labels
0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎06-21-2023 11:06 AM

Hi

you should look from _internal have those fired and if what has happened to them. You should also remember that email isn’t 100% sure delivery method.

Here are some links to this issue:

r. Ismo

0 Karma
Reply

izzie123
Path Finder
‎06-21-2023 10:40 PM

Thanks for your answer @isoutamo 
I checked the internal logs and found this error : 

ERROR:root:(421, b'4.4.2 Message submission rate for this client has exceeded the configured limit',")

 

0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎06-21-2023 11:57 PM

Your splunk server has sent too many alert emails in short period so smtp server refused to accept more. Are you sure that you don’t sent own alert per event instead of one email per running the alert?

0 Karma
Reply
Get Updates on the Splunk Community!

Index This | Why did the turkey cross the road?

November 2025 Edition  Hayyy Splunk Education Enthusiasts and the Eternally Curious!   We’re back with this ...

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

  🚀 Your data just got a serious AI upgrade — are you ready? Say hello to the Agentic Era with the ...

Feel the Splunk Love: Real Stories from Real Customers

Hello Splunk Community,    What’s the best part of hearing how our customers use Splunk? Easy: the positive ...