- Splunk Answers
- :
- Splunk Administration
- :
- Security
- :
- ERROR [Errno 111] Connection refused while sending...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ERROR [Errno 111] Connection refused while sending mail to:
We are running splunk 4.2.3 on RHEL 5.I am scheduling a job in windows app and email the results to my email id but i am not receiving any emails from splunk server. I am seeing these below connection refused errors in python.log
2011-11-03 21:19:01,489 ERROR Sending email. subject="Splunk Alert: windows failed", results_link="https://splunk_server_name:8000/app/windows/@go?sid=scheduler__admin__windows_d2luZG93cyBmYWlsZWQ_at...", recepients="['foo@bar.com', '', '']"
2011-11-03 21:19:01,489 ERROR [Errno 111] Connection refused while sending mail to: foo@bar.com
There are no issues with firewall or iptables. I am able to send emails from the actual splunk server itself but not from the alert/report. I configured "Link Hostname" to the ip of the server, server hostname, left it blank but still no luck.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I ran into this as well. This happened after I copied some alert from another system to setup on a new search head.
The problem turned out to be that I created the alerts before configuring the mail server in Splunk, so the alerts had this statement in savedsearches.conf:
action.email.mailserver = localhost
Manually edited savedsearches.conf to remove this (as well as action.email.from, which was "splunk").
After restarting Splunk, the alerts mail properly.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In "Mail Server Settings" the mail host was set to localhost and hence it was not sending emails when i ran the report. Now i have configured mail host with the mail server host name and now email are triggering fine from the splunk.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am not sure the root cause of the issue. But sendemail command may help you to isolate the issue. You will know more if smtp setting is correct or semdemail python command is ok or network issue...
... | sendemail to="elvis@splunk.com,john@splunk.com" format=html subject=myresults server=mail.splunk.com
http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Sendemail
Routing logs with Splunk OTel Collector for Kubernetes
Welcome to the Splunk Community!
Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM
