Alerting

Is it possible to create an alert in Splunk Trial version 8.2.5?

jagan
Explorer

Hi,

  Could you please help me: is it possible to create an alert in Splunk Trial version 8.2.5?


gcusello
Esteemed Legend

Hi @jagan,

yes, it's possible, but (after 60 days) when your Trial version becomes a Free version, Alerts will not be active.

Ciao.

Giuseppe


jagan
Explorer

@gcusello  thanks for the update.

I am getting the error message below when I configured the alert. Could you please suggest the further steps?

Pathname [9188 AlertNotifierWorker-0] - Pathname 'C:\Program Files\Splunk\bin\Python3.exe C:\Program Files\Splunk\etc\apps\search\bin\sendemail.py

Thanks


gcusello
Esteemed Legend

Hi @jagan,

this is a new question, and it's better for you to open a new question instead of continuing the same one, because you can have better and quicker help from more people in the Community; this way, probably only I will answer your question.

Anyway, the first check is to verify if the firewall routes between your Splunk server and your eMail server are open for the used port.

Then you have to configure your Splunk eMail client [Settings -- Server Settings -- Email Settings] with the correct parameters for your eMail system (url, SSL or TLS or nothing, username and password, etc...).

You can find many questions like yours with answers.

Ciao.

Giuseppe


jagan
Explorer

@gcusello  Thanks.

I configured the email settings and the port is also enabled. Still facing the same issue.


gcusello
Esteemed Legend

Hi @jagan,

it's difficult without seeing your system.

So you checked that the firewall routes between your Splunk server and your eMail server are open for the used port and the eMail parameters are correct.

To be more sure, try the connection using telnet.

It seems to be a python3 problem.

After the above checks, open a case with Splunk Support.

Ciao.

Giuseppe

 
