Reporting
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Email alert not sending. [Errno 10061] in python.log

wuming79
Path Finder
‎05-31-2017 08:37 PM

I am trying the following search to send email but encounters error message in python.log indicating "[Errno 10061] No connection could be made because the target machine actively refused it while sending mail to: temp@domain.com".

Also tried saving search as alert and indicated email address but also got the above error message. 

temperature sourcetype=kaa | rex field=_raw "\"endpointKeyHash\":\{\"string\":\"(?<endpoint>[^\"]*)\".*\"Event\": (?<mydata>\{.*\})\}$"| spath input=mydata | table _time, endpoint, temperature | eval threshold = 50 | where temperature > threshold | sendemail to=tzewei_79@yahoo.com.sg sendresults=true

May I know what other settings I need to do at this point? Please help.

Tags (1)
0 Karma
Reply

MuS
SplunkTrust
SplunkTrust
‎05-31-2017 08:58 PM

Hi wuming79,

this sounds like trouble/problems outside of Splunk.
Check there is no firewall blocking SMTP from your Splunk server, check that the mail server you are using (Windows defaults as well to localhost and has most likely not any email sending facility by default) is allowing you to relay emails.

All your friendly network and email admin to check this for you.

Hope this helps ...

cheers, MuS

0 Karma
Reply

wuming79
Path Finder
‎06-01-2017 12:44 AM

May I know how I can if my firewall is blocking SMTP from splunk server? Am I supposed to look inside Advanced settings?

0 Karma
Reply

wuming79
Path Finder
‎06-05-2017 12:37 AM

Does alert works if the free trial expires? I'm trying this from home network and still see the same problem.

0 Karma
Reply

MuS
SplunkTrust
SplunkTrust
‎06-05-2017 08:59 AM

No, if the free trail license has expired alerting will stop because its not available - see the docs for more details http://docs.splunk.com/Documentation/Splunk/latest/Admin/MoreaboutSplunkFree?r=searchtip#What_is_inc...

0 Karma
Reply

MuS
SplunkTrust
SplunkTrust
‎06-01-2017 11:08 AM

Ask your sysadmin or network admin for help. This is not something that can be configured in Splunk.

But a good starting point is this here https://www.port25.com/how-to-check-an-smtp-connection-with-a-manual-telnet-session-2/

cheers, MuS

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...