Splunk alert is triggered but not sending the emai...

mufthmu · ‎01-09-2020

I set up a new splunk instance on my local machine, created a dummy alert but it did not send me any notification email even though it was triggered.
any idea what might cause this issue in the alert_actions.conf file?
thanks!

gcusello · ‎01-09-2020

Hi @mufthmu,
at first check if your Splunk Search Head reach the SMTP server on port you enabled (e.g. 465) using telnet from SH (telnet IP_SMTP_Server 465).
Then did you configured SMTP Server (as @arjunpkishore5 said) in [Setting -- Server Settings -- eMail Settings]?

If the above checks are Ok, check the dimension of your message and attachment, if one of them exceeds the eMail limits, it will be blocked.

Ciao.
Giuseppe

Praz_123 · ‎11-06-2023

@gcusello

Same issue am facing as i had checked above solution worked on that it is working fine ,Till September received(email notification ) the report for the alert triggered but it is stopped from October.

what could be the issue ??

arjunpkishore5 · ‎01-09-2020

Have you setup the SMTP server settings ?

Check the mailserver section in alert_actions.conf - https://docs.splunk.com/Documentation/Splunk/7.3.1/Admin/Alertactionsconf

Splunk alert is triggered but not sending the email

Welcome to the Splunk Community!

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Adoption of RUM and APM at Splunk