Hello everyone, I am encountering an issue with sending emails for the alerts I have configured on Splunk. Here are the steps I followed: SMTP Server Configuration: I set up an SMTP server using Postfix on a virtual machine (VM). I also configured the firewall on this VM to allow SMTP traffic. Splunk Configuration: In Splunk, I configured the email server settings using my Postfix server information. I verified the settings under Settings -> Server settings -> Email settings, and everything seems correct. Alert Configuration: I created several alerts and configured the "Send Email" action for each alert. I provided the recipients, subject, and email content. Despite these configurations, I am not receiving any emails when the alerts are triggered. Additional Details: I tested sending emails from the command line on the VM with Postfix, and it works correctly. I checked Splunk logs (splunkd.log) and did not find any obvious errors related to email sending. Postfix logs show that email requests do not seem to be reaching the server. Questions: Are there any additional steps I might have missed in the Splunk configuration for sending emails? How can I diagnose why emails are not being sent from Splunk? Are there specific logs or configurations I should check again? Thank you in advance for your help!
... View more