sendmail command throwing error and NO email is ge...

pkumar9610 · ‎09-08-2020

HI Friends,

I am using below command to check the email alerts but its throwing error and not able to send emails. Can you please help here

Command: index=123 info | sendemail to="kumar@xxx.com" subject=AzureTestAlert from="splunk"

Error on UI: command="sendemail", [Errno -2] Name or service not known while sending mail to: kumar@xxx.com

Error in python.log:

2020-09-03 17:25:24,113 -0700 ERROR sendemail:143 - Sending email. subject="Splunk Alert: testAlert", results_link="https://splunk-shc-splunk-search-head-0:8000/app/search/@go?sid=scheduler__admin__search__testAlert_at_1599179100_51_CC555C75-B9DE-43D9-93D3-D1C60A6059CF", recipients="[u'kumar@xxx.com']", server="localhost"

isoutamo · ‎09-08-2020

Is this working earlier or is this first time when you are trying it? Can you change from=splunk@your.doma.in?
r. Ismo

pkumar9610 · ‎09-08-2020

First time, this is new Splunk cluster setup on AKS using Splunk Operator

isoutamo · ‎09-08-2020

Ok. Then the configuration is quite probably somehow broken.

Basically you should define the next to alert_actions.conf:

[default]
hostname = https://YOUR.SPLUNK.URL:PORT
mailserver = YOUR.MAIL.SERVER:PORT
use_ssl = 0
use_tls = 0
from = splunk@YOUR.MAIL.DOMAIN

Use_ssl & use_tls based on what your mail server is needing and also password for that user if needed.

r. Ismo

sendmail command throwing error and NO email is getting triggered

other

saved search

scheduled search

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!