Hi I created an alert that is triggered correctly, but the email is not sent by Splunk log i got error [Errno 10060] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond while sending mail to: user2@gmail.com or sometimes [Errno 11004] getaddrinfo failed while sending mail to:user2@gmail.com My email settings in Server settings » Email settings alert_action.conf [email] auth_password = password*****i auth_username = user@gmail.com mailserver = smtp.gmail.com:587 format = html use_tls = 0 I changed this to 1 also, but email still wasn't sent use_ssl = 0 My alert configuration is: savedsearches.conf file [request] action.email = 1 action.email.priority = 2 action.email.reportServerEnabled = 0 action.email.to = user2@gmail.com action.email.useNSSubject = 1 alert.severity = 4 alert.suppress = 1 alert.suppress.period = 30s alert.track = 1 counttype = number of events cron_schedule = */2 * * * * description = resuest resive dispatch.latest_time = now display.events.fields = ["host","source","sourcetype","Msg"] display.general.type = statistics display.page.search.mode = verbose display.page.search.tab = statistics enableSched = 1 quantity = 1 relation = greater than request.ui_dispatch_app = search request.ui_dispatch_view = search search = index="newpwm" source="SOCK_20150327_192217.log" Msg=Q*| eval vv=substr(Msg, 7,8) | Table _time Msg vv Please help me. For 1 day I've tried many times to use my company domain and port, but it's not working. I want an email sent only when the alert is triggered. ... View more