Join the Conversation
- Find Answers
- :
- Apps & Add-ons
- :
- Splunk Development
- :
- Splunk Dev
- :
- Email Settings | TLS Handshake
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Email Settings | TLS Handshake
Hi Splunk Community,
I am trying to setup a TLs communication btw Splunk Entreprise and an email server for sending alerts. Based on three available options - None | SSL | TLS, only none is working properly.
when chose TLS I received the following error "ERROR:root:STARTTLS extension not supported by server. while sending mail to"
01-22-2019 17:57:57.138 +0000 ERROR ScriptRunner - stderr from '/opt/splunk/bin/python /opt/splunk/etc/apps/search/bin/sendemail.py "results_link=https://uh0014:8443/app/search/@go?sid=rt_scheduler__vile__search__RMD50843376f462c8b90_at_154817958..." "ssname=Errors reported (Real Time)" "graceful=True" "trigger_time=1548179876" results_file="/opt/splunk/var/run/splunk/dispatch/rt_scheduler_vilesearch_RMD50843376f462c8b90_at_1548179587_6.45/results.csv.gz"': ERROR:root:STARTTLS extension not supported by server. while sending mail to:
On alert_action.conf file I have the following
[email]
mailserver = smtp.XXXXX
pdf.header_left = none
pdf.header_right = none
use_tls = 1
sslVersions = tls1.2
sslVerifyServerCert = true
use_ssl = 0
from = noreply_siem@XXXXX
reportPaperSize = a4
Any tip?
Sincerely
VML
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi VML,
I had a similar issue when using Office 365 SMTP settings. Usually it is enough to specify smtp.office365.com however I got the same error as yourself. Try adding the port number at the end of the address within Email Settings.
e.g. smtp.office365.com:587 (587 is default). For Office 365 this works with TLS enabled.
Best wishes,
Dan
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, did you resolve this?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Same error here, unable to send any emails from Splunk Enterprise.
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Announcing Modern Navigation: A New Era of Splunk User Experience
Modernize your Splunk Apps – Introducing Python 3.13 in Splunk
Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...
