Reporting
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Alert email Content Transfer Encoding

rasmith1
Engager
‎04-08-2020 01:08 PM

Splunk Enterprise 8.0.2
I can send an email through our enterprise relay using python3 smtplib email.message. These come through with Content Transfer Encoding set to 7bit.
When I setup and trigger an email alert action through Splunk, it fails to relay through and the Content Transfer Encoding is set to base64.
That is the only difference I can detect between the 2 emails using wireshark.
Is there a way to change the Splunk alert email Content transfer encoding to 7bit?
I have looked at sendemail.py and sendemail_handler.py and cannot see where this is specified, it may be in another conf file or perhaps needs to be explicitly defined in one of those 2 .py files?
Thank you for any help.
RASmith

0 Karma
Reply

rasmith1
Engager
‎04-09-2020 12:32 PM

If you edit both $SplunkHome\etc\apps\search\bin\sendemail.py and sendemail_handler.py and replace UTF8 with us-ascii, emails are sent with 7bit encoding.

0 Karma
Reply
Get Updates on the Splunk Community!

What the End of Support for Splunk Add-on Builder Means for You

Hello Splunk Community! We want to share an important update regarding the future of the Splunk Add-on Builder ...

Solve, Learn, Repeat: New Puzzle Channel Now Live

Welcome to the Splunk Puzzle PlaygroundIf you are anything like me, you love to solve problems, and what ...

Building Reliable Asset and Identity Frameworks in Splunk ES

 Accurate asset and identity resolution is the backbone of security operations. Without it, alerts are ...