Sending emails with Splunk SMTP app for SOAR v 2.3...

Splunk SOAR

We had previously been successfully using the Splunk SMTP app for SOAR (Phantom) until the beginning of this year. We are currently on v5.5.0 of SOAR and v2.3.0 of the SMTP app.

I am wondering if anyone has successfully completed test connectivity with the combination of these two versions. We are currently receiving this output and error:

App 'SMTP' started successfully (id: 123456789) on asset: 'smtp'(id: 1)
Loaded action execution configuration
Using OAuth Authentication
1 action failed Error retrieving system info, Status Code: 401 Error from Server: {"failed": true, "message": "Request Validation Error: Invalid or missing session token. Please refresh your session."}. Test Connectivity Failed

We have had a support case open with Splunk for over a month.

Looking to see if anyone out there has been able to get SMTP app working.

If you have given up on the SMTP app, what are you using to send emails instead?

Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In November, the Splunk Threat Research Team had one release of new security content via the Enterprise ...

Index This | Divide 100 by half. What do you get?

November 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious! We’re back with this ...

Stay Connected: Your Guide to December Tech Talks, Office Hours, and Webinars!

❄️ Celebrate the season with our December lineup of Community Office Hours, Tech Talks, and Webinars! ...