Hi fellow splunkers, I faced a mysterious issue where the number of triggered alerts do not match the number of emails received. When I check python.log, I see the alert is giving me this error 2020-09-25 18:49:01,765 +0000 ERROR sendemail:142 - Sending email. subject="Splunk Alert: to be deleted", results_link="http://aws-prod-east-splunk.megh.thingspace.com/app/search/@go?sid=scheduler__admin__search__RMD57f4b1593a5b5364b_at_1601059740_8497_BA4F469F-14CB-4CBF-A20F-40A798E7F698", recipients="[email@example.com']", server="top-smtp-proxy.ts-prod.cloud:587"
2020-09-25 18:49:01,765 +0000 ERROR sendemail:475 - (530, 'Authentication required', firstname.lastname@example.org') while sending mail to: email@example.com AND, I found this anomaly in my alert configuration. Note that sendemail command from search bar worked and I did receive the email. So it's only giving me error for alerts or scheduled searches. Anyone else having this issue?
... View more