Reporting
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Email alert not sending. [Errno 10061] in python.log

wuming79
Path Finder
‎05-31-2017 08:37 PM

I am trying the following search to send email but encounters error message in python.log indicating "[Errno 10061] No connection could be made because the target machine actively refused it while sending mail to: temp@domain.com".

Also tried saving search as alert and indicated email address but also got the above error message. 

temperature sourcetype=kaa | rex field=_raw "\"endpointKeyHash\":\{\"string\":\"(?<endpoint>[^\"]*)\".*\"Event\": (?<mydata>\{.*\})\}$"| spath input=mydata | table _time, endpoint, temperature | eval threshold = 50 | where temperature > threshold | sendemail to=tzewei_79@yahoo.com.sg sendresults=true

May I know what other settings I need to do at this point? Please help.

Tags (1)
0 Karma
Reply

MuS
SplunkTrust
SplunkTrust
‎05-31-2017 08:58 PM

Hi wuming79,

this sounds like trouble/problems outside of Splunk.
Check there is no firewall blocking SMTP from your Splunk server, check that the mail server you are using (Windows defaults as well to localhost and has most likely not any email sending facility by default) is allowing you to relay emails.

All your friendly network and email admin to check this for you.

Hope this helps ...

cheers, MuS

0 Karma
Reply

wuming79
Path Finder
‎06-01-2017 12:44 AM

May I know how I can if my firewall is blocking SMTP from splunk server? Am I supposed to look inside Advanced settings?

0 Karma
Reply

wuming79
Path Finder
‎06-05-2017 12:37 AM

Does alert works if the free trial expires? I'm trying this from home network and still see the same problem.

0 Karma
Reply

MuS
SplunkTrust
SplunkTrust
‎06-05-2017 08:59 AM

No, if the free trail license has expired alerting will stop because its not available - see the docs for more details http://docs.splunk.com/Documentation/Splunk/latest/Admin/MoreaboutSplunkFree?r=searchtip#What_is_inc...

0 Karma
Reply

MuS
SplunkTrust
SplunkTrust
‎06-01-2017 11:08 AM

Ask your sysadmin or network admin for help. This is not something that can be configured in Splunk.

But a good starting point is this here https://www.port25.com/how-to-check-an-smtp-connection-with-a-manual-telnet-session-2/

cheers, MuS

0 Karma
Reply
Get Updates on the Splunk Community!

Update Your SOAR Apps for Python 3.13: What Community Developers Need to Know

To Community SOAR App Developers - we're reaching out with an important update regarding Python 3.9's ...

October Community Champions: A Shoutout to Our Contributors!

As October comes to a close, we want to take a moment to celebrate the people who make the Splunk Community ...

Automatic Discovery Part 2: Setup and Best Practices

In Part 1 of this series, we covered what Automatic Discovery is and why it’s critical for observability at ...