Splunk SOAR (f.k.a. Phantom)
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Sending emails with Splunk SMTP app for SOAR v 2.3.0

rferg06
Engager
‎04-17-2023 01:35 PM

We had previously been successfully using the Splunk SMTP app for SOAR (Phantom) until the beginning of this year.  We are currently on v5.5.0 of SOAR and v2.3.0 of the SMTP app.

I am wondering if anyone has successfully completed test connectivity with the combination of these two versions.  We are currently receiving this output and error:

App 'SMTP' started successfully (id: 123456789) on asset: 'smtp'(id: 1)
Loaded action execution configuration
Using OAuth Authentication
1 action failed Error retrieving system info, Status Code: 401 Error from Server: {"failed": true, "message": "Request Validation Error: Invalid or missing session token. Please refresh your session."}. Test Connectivity Failed

 We have had a support case open with Splunk for over a month.

Looking to see if anyone out there has been able to get SMTP app working.

If you have given up on the SMTP app, what are you using to send emails instead?

Labels (2)
0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...