Hi Everyone,
Could you please help me to find out the issue with my Splunk instance.
I am not getting email from splunk for the scheduled report/alert.
Splunk version: 6.6.2
SMTP server is configured on that local server and port 25 is open.
1. for testing triggered email command from powershell in this case I am getting email .
$MailparamsDisable = @{
'To' = 'himanshu.b.shekhar@xyz.com'
'Subject' = 'xyz account maintenance'
'From' = 'IAM.Admin@xyz.com'
'SmtpServer' = 'xyz.abc.com'
'Body' = "Hi Splunk"
}
Send-MailMessage @MailparamsDisable
2. but from splunk i am not getting email.
index=_internal
| head 5
| sendemail
to="himanshu.b.shekhar@xyz.com"
server="xyz.abc.com:25"
subject="Here is an email notification"
message="This is an example message"
sendresults=true inline=true
format=raw sendpdf=true
Search Factory: Unknown search command 'sendemail'.
what could be issue please help me on this.
Thank in advance.
Thank You,
Himanshu
 
					
				
		
 
		
		
		
		
		
	
			
		
		
			
					
		Hi Richgalloway,
Thanks for your reply.
As i verified "E:\Program Files\Splunk\etc\apps\search\bin\sendemail.py" is exist .
What could be other options to fix this issue rather than upgrading?
Thank you,
Himanshu
 
					
				
		
 
		
		
		
		
		
	
			
		
		
			
					
		Hi Richgalloway,
In below path , i do not have sendemail search :
Go to Settings->Advanced Search->Search Commands and verify sendemail is there with the right permissions and is not disabled.
In message tab i can see -
"Your license for Splunk App for Microsoft Exchange has expired or cannot be found."
is it related to this issue ?
Thank You,
Himanshu
 
					
				
		
 
		
		
		
		
		
	
			
		
		
			
					
		