Reporting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Alerts triggered but emails are not receiving after 5minutes from triggered time.

chaitanya1996
Engager
‎02-03-2021 07:43 AM

Hello splunkers,

Please help me to figure out this issue!

I have a realtime alert which triggers an alert and send the email to users.

when i ingest 62 files in splunk index, triggered alerts are 52 but i have received only 44 email notifications only.

I figured out that the first email was received at 20:35 and 44th email at 20:40 and not received any further.
I have also tried changing these two parameters of alert from there default value 5m,

1. action.email.maxtime-->1800

2. action.script.maxtime-->1800

 

splunk enterprise v6.6.3

Please help me if any other parameter is to be changed, or any known issue like this.

Labels (1)
Labels
Tags (1)
0 Karma
Reply

me74fhfd
Path Finder
‎02-03-2021 10:14 AM

What kind of information are you sending your users in email, if you are using inline table in email body you might have an issue with large number of rows. Alternatively use this SPL: index=_internal sendemail and try to find root cause.

0 Karma
Reply

chaitanya1996
Engager
‎02-03-2021 09:58 PM

Hi, 
I have tried query "index=_internal  sourcetype=splunk_python" and the results are same as the number of emails i have received.

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...