Product News & Announcements
All the latest news and announcements about Splunk products. Subscribe and never miss an update!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
New Article

Cloud Platform | Customer Change Announcement: Email Notification Delivery Improvements

GretchenFox
Community Manager
Community Manager
‎08-09-2023 07:11 AM

Background


Customer-configured Email-based alerting is a first-class workflow supported by Splunk. We know how vital alerting can be to our customers. To help ensure that you continue receiving any configured email-based alerts from your stacks, please take a moment to review a summary of changes being introduced.

Splunk Cloud Platform is enhancing its outbound email delivery capabilities to provide a more robust, multi-region email delivery service with increased limits on the email payload size. 

Summary of Changes


(Splunk will notify our customers the changes prior to the rollout by cohort by email)

Change

Description

Customer Impact

Custom MAIL FROM

Standard stacks: The MAIL FROM value in the SMTP envelope of emails originating from Splunk Cloud Platform and SOAR stacks will change from pm.mtasv.net to mail.splunkcloud.com. Emails will continue having the From field set to alerts@splunkcloud.com


FedRAMP Moderate stacks: MAIL FROM value in the SMTP envelope of emails originating from Splunk Cloud stacks will change from pm.mtasv.net to mail.splunkcloudgc.com. Emails will continue having the From field set to alerts@splunkcloudgc.com

No downtime expected. 


If you need clarification on any existing network policies at your end, please contact Customer Support so we may work with you to help ensure that you continue receiving email-based alerts.

Dynamic IP addresses for origin mail server

The origin email server is expected to have a dynamic IP address range in the future compared to the current state of a well-known IP address range. 

 

Enhancement

Description

Customer Impact

Multi-region Support

Email originating from customer stacks will now be routed via servers that are region-local to customer stack. 

None. No action required.

Email size

Email size, including body/text/images/ attachments, will be increased from 10MB to 40MB.

None. No action required.

 

Impacted stacks

  • All Splunk Cloud stacks hosted on AWS and GCP
  • All SOAR stacks
  • FedRAMP Moderate stacks 

Roadmap Initiatives


We are also excited to let you in on some of our future roadmap initiatives following this change:

  • Automating management of suppressed emails

There have been cases where domains/email addresses have been reported as erroneously blocked resulting in undelivered emails for customers. With the eventual goal of self-service, we will start automating remediation workflows for email suppression use cases. 

  • Number of recipients

Customers are currently able to send an email notification for alerts to multiple customer-configured recipients not exceeding a count of 50 (Sum of the number of recipients in To, CC, BCC fields). We will allow this number to be adjusted.

0 Karma
Get Updates on the Splunk Community!

Developer Spotlight with Paul Stout

Welcome to our very first developer spotlight release series where we'll feature some awesome Splunk ...

State of Splunk Careers 2024: Maximizing Career Outcomes and the Continued Value of ...

For the past four years, Splunk has partnered with Enterprise Strategy Group to conduct a survey that gauges ...

Data-Driven Success: Splunk & Financial Services

Splunk streamlines the process of extracting insights from large volumes of data. In this fast-paced world, ...