Splunk Enterprise

Getting 502 authentication error while using sendemail command



I am trying to test the functionality of sending an email that will be sent because of an alert. For that, first I tried to send an email using the sendemail command. I used the free subscription of Brevo to get an accessible SMTP server to send an email. Then I tried configuring the email settings in my Splunk Enterprise. Below are the SS of my email settings


For the password, I am using the MasterKey provided in the Brevo for my SMPT



For the rest of the settings, I kept them as the default



I am trying to send the data to a dummy email in Mailinator. Below is my searched SPL with the error.


It is giving me an error for the email set as Send Email as user(Splunk) which I kept as default. I tried using my personal Gmail ID as well but got the same error for that ID.

Can anyone please help me on how to debug or resolve this issue.

0 Karma



I think that currently there isn't any real email smtp server which don't want to use TLS and other authentication? So you must enable TLS and use smtp server which is supporting it.

Here is instructions how to use your personal Gmail account with splunk


r. Ismo

0 Karma
Get Updates on the Splunk Community!

Optimize Cloud Monitoring

  TECH TALKS Optimize Cloud Monitoring Tuesday, August 13, 2024  |  11:00AM–12:00PM PST   Register to ...

What's New in Splunk Cloud Platform 9.2.2403?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.2.2403! Analysts can ...

Stay Connected: Your Guide to July and August Tech Talks, Office Hours, and Webinars!

Dive into our sizzling summer lineup for July and August Community Office Hours and Tech Talks. Scroll down to ...