Splunk Enterprise Security

user using outside VPN access can't access external mail server

cosm0630
New Member

Good morning,
Since I've been working from home using VPN access to connect to the office, I noticed I haven't been able to access my company's external email server. Is there a Splunk query I can run to give me a little more insight into why I am unable to access that external email server?

Any assistance in that regard would be greatly appreciated.

Thanks

Cosmo

0 Karma

PavelP
Motivator

Hello @cosmo0630,

Depending on how the VPN is configured, only internal or all/any traffic can be sent to HQ. If any traffic is being sent to HQ, then most probably the internal firewall doesn't allow access from HQ to the external mail server.

To find something in the logs, try:

index=_* (ERROR OR WARN) (mail OR SMTP)
0 Karma