×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
dhsmith21
Observer
Member since: ‎10-13-2023
‎08-06-2025
Community Statistics
Posts 3
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎10-13-2023
Topics I've Started
No posts to display.
View All

Re: Where are the failures of sendemail logged in?

by in Splunk Search
‎08-06-2025 07:46 PM
‎08-06-2025 07:46 PM
This should get you everything you need: index=_internal sourcetype=splunk_python error ... View more

Re: Where are the failures of sendemail logged in?

by in Splunk Search
‎08-06-2025 07:40 PM
‎08-06-2025 07:40 PM
This should get the failed sendmail items, but doesn't appear get the ones dropped by allowed email domains list not including the domain. Still researching that use case.   index=_internal sourcetype=splunk_python ("Name or service not known while sending mail to" OR "Connection timed out while sending mail to") some | rex maybe needed to make this more useful. ... View more

Re: Where are the failures of sendemail logged in?

by in Splunk Search
‎08-06-2025 06:26 PM
‎08-06-2025 06:26 PM
I know this is an older thread, but I am searching for a good way to get notifications for when and email fails to be sent as well. I did find you can see these in $SPLUNK_HOME/var/log/splunk/python.log.  Specifically for my use case it is around the allowed domain list not having the domain listed. If I find a good way to detect this within a standard or REST Splunk search I will reply.  Hope this helps some. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎08-06-2025 06:21 PM