But SPL works when I execute
index=cisco_asa src_ip!=10.* src_ip!=172.* src_ip!=192.* action=allowed | stats count by src_ip,dest_ip,dest_port | head 10 | sendemail to="email@example.com" content_type=html subject=myresults sendresults=true inline=true sendpdf=true server="smtp.gmail.com:25"
Under Server --> Email configuration: (local\alert_actions.conf)
This seems a credential problem. Have you double check them? Can you check with your email admin the correct ports of your smtp server since you seem to be using 25 or 587. Also on the second config you are missing the port in the mailserver atribute
------------ Hope I was able to help you. If so, some karma would be appreciated.