- Splunk Answers
- :
- Splunk Platform Products
- :
- Splunk Enterprise
- :
- Re: Why am I getting "ERROR sendemail: 1215 'utf8'...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Why am I getting "ERROR sendemail: 1215 'utf8' codec can't decode byte 0x92 in position 29: invalid start byte"?
Hello,
I am quite new to Splunk I am trying to send an email to test this functionality.
I have configured my setting-> server settings-> email settings and had them reviewed by our web administrator.
Here is my search:
..... |sendemail to=blabla@server.com from=blabla@server.com server=outlook.office365.com subject="Here is an email from Splunk" message="This is an example message" sendresults=true inline=true format=raw sendpdf=true
I never received any email and in the python.log file it is written :
ERROR sendemail:1215 - 'utf8' codec can't decode byte 0x92 in position 29: invalid start byte
Is there a mistake in the data I try to send or in my command syntax?
Thanks for any input.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Millern,
In Settings->server settings-> email settings : I have filled:
Mail host = outlook.office365.com
Username = my own login outlook.office365.com
Password = my password.
Therefore I was expecting that this is my login that is used to connect to the mail server....no ?
I am sure that splunk@outlook.office363.com has is not authorized to connect to the mail server
Regards
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Have you been able to generate emails from Splunk before or is this the first time you are trying to do it within a search.
The sendtoemail command assumes you backend configuration is setup and working correctly:
http://docs.splunk.com/Documentation/Splunk/6.3.0/SearchReference/Sendemail
I did a test on my SH with a very simple search:
index=test sourcetype=test earliest=-1m host=test | sendemail to=millern4@xxxxx@.com
Which generates the following email to me:
Search complete.
If you believe you've received this email in error, please see your Splunk administrator.
splunk > the engine for machine data
Before you try and tackle the sendtoemail command I'd verify that your SMTP settings are indeed correct.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I would think (just a guess here) that the version of python being used with Splunk should be okay along with whatever libraries are on the linux side.
Another item you could check is whatever email address you are using splunk@outlook.office365.com have rights to SMTP relay through your exchange server.
I'd still lean the error is on the mail side rather than within Splunk, is it possible that your Exchange administrator can try sending an email on behalf of the address you are trying to use?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Millern
Thansk for your reply
It is the first time, I try to use the sendemail functionnality.
I tried with an easy search which returns no event or few events but each time I get the same error.
I had the settings verified with our network administrator. He gave me the adresse outlook.office365.com.
Since my error is in a python file, is it possible that I should update my python version ?
Regards
.conf24 | Registration Open!
ICYMI - Check out the latest releases of Splunk Edge Processor
Introducing the 2024 SplunkTrust!
