- Splunk Answers
- :
- Splunk Administration
- :
- Security
- :
- Re: WinError 10061: sending reports via email won...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
WinError 10061: sending reports via email won't work?
I've tried to configure some reports to be send via email. I created a report which runs on a schedule an then send the report via mail. I receive an error like this:
ERROR ScriptRunner [26364 AlertNotifierWorker-3] - stderr from 'C:\Program Files\[..]\sendemail.py "results_link=https://sea:443/app/search/@go?sid=scheduler__myuser__search__RMD5ca1c47b4433f8dbe_at_1675331100_258_5A6150E4-7C97-409F-AC0E-5BC487885B82" "ssname=xxx: myreport" "graceful=True" "trigger_time=1675331129" results_file="C:\Program Files\Splunk\var\run\splunk\dispatch\scheduler__myuser__search__RMD5ca1c47b4433f8dbe_at_1675331100_258_5A6150E4-7C97-409F-AC0E-5BC487885B82\results.csv.gz" "is_stream_malert=False"': ERROR:root:[WinError 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte while sending mail to: mail@mail.org
I thougt it might be the smtp-gateway but sending mails via | sendemail command works fine. Also some, but very few, reports go through. Also I checked wether sendmail.py tried to open a connection to the smtp-server but it seems the error comes from sendemail.py trying to open the url in results_link. And that is the point where I do not know what to look for anymore.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Since the manual sendemail command works, its not the smtp configuration. I checked the occourrences with wireshark and when this error occours, there is no smtp connection at all. This is why I believe its comming from the url when sendemail.py tries to fetch the report.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The error message says that the destination machine is actively refusing the connection request. Have you enabled SSL/TLS in your email configurations in Splunk? Or does the SMTP server expects you to set them up? It could also be an oversized attachment with the report or a certificate issue or even firewall actively blocking the traffic. Some additional context of your situation might help to diagnose this further. Also, are you using Splunk on premises or SplunkCloud?
Shiv
###If you found the answer helpful, kindly consider upvoting/accepting it as the answer as it helps other Splunkers find the solutions to similar issues###
Extending Observability Content to Splunk Cloud
More Control Over Your Monitoring Costs with Archived Metrics!
New in Observability Cloud - Explicit Bucket Histograms
