Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Why can't I send emails via alerting?

simon00
Loves-to-Learn Lots
‎07-26-2022 11:43 PM

Hello, I was trying to setup Alerting via emails and it wouldn't work. Alert for sure gets triggered, because other alert_action works (Add to triggered alerts) but the email one didn't.
In "var\log\splunk\python.log" I found out that for every trigger there is  error log
Ex.:

2022-07-27 08:30:04,382 +0200 ERROR sendemail:1610 - [HTTP 404] https://127.0.0.1:8089/servicesNS/admin/search/alerts/alert_actions/email?output_mode=json
Traceback (most recent call last):
  File "C:\Program Files\Splunk\etc\apps\search\bin\sendemail.py", line 1603, in <module>
    results = sendEmail(results, settings, keywords, argvals)
  File "C:\Program Files\Splunk\etc\apps\search\bin\sendemail.py", line 193, in sendEmail
    responseHeaders, responseBody = simpleRequest(uri, method='GET', getargs={'output_mode':'json'}, sessionKey=sessionKey)
  File "C:\Program Files\Splunk\Python-3.7\lib\site-packages\splunk\rest\__init__.py", line 583, in simpleRequest
    raise splunk.ResourceNotFound(uri)


I tried "| sendemail..." and it generates the same error there.
What is supposed to be in the endpoint and how do I fix it?

Labels (2)
Labels
0 Karma
Reply

renjith_nair
Legend
‎07-28-2022 04:06 AM

It's worth to check your email server settings and make sure they are valid servers 

Server settings  » Email settings

https://docs.splunk.com/Documentation/Splunk/9.0.0/Alert/Emailnotification

---
What goes around comes around. If it helps, hit it with Karma 🙂
0 Karma
Reply

simon00
Loves-to-Learn Lots
‎07-28-2022 05:45 AM

I am confident with my email server settings. I made(edited one I downloaded) custom alert action that consumes those settings and sends emails correctly. This is just workaround though and I am still working on the fix.

0 Karma
Reply
Get Updates on the Splunk Community!

Modern way of developing distributed application using OTel

Recently, I had the opportunity to work on a complex microservice using Spring boot and Quarkus to develop a ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had 3 releases of new security content via the Enterprise Security ...

Archived Metrics Now Available for APAC and EMEA realms

We’re excited to announce the launch of Archived Metrics in Splunk Infrastructure Monitoring for our customers ...