- Find Answers
- :
- Using Splunk
- :
- Other Using Splunk
- :
- Reporting
- :
- Can we configure Splunk to use multiple senders in...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
As per my understanding, Splunk can only send an alert from 1 sender that configured in the Email Setting.
I need to know if we can configure Splunk to use multiple senders?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@vumanhtai,
You may try using the sendemail command where you can mention the [from=]
sendemail to=<email_list>
[from=<email_list>]
[cc=<email_list>]
[bcc=<email_list>]
[subject=<string>]
[format=csv | table | raw]
[inline= <bool>]
[sendresults=<bool>]
[sendpdf=<bool>]
Or
Try adding them in savedsearches.conf
action.email.from = <email address>
* Set an email address to use as the sender's address.
* Defaults to splunk@<LOCALHOST> (or whatever is set in alert_actions.conf).
What goes around comes around. If it helps, hit it with Karma 🙂
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@vumanhtai,
You may try using the sendemail command where you can mention the [from=]
sendemail to=<email_list>
[from=<email_list>]
[cc=<email_list>]
[bcc=<email_list>]
[subject=<string>]
[format=csv | table | raw]
[inline= <bool>]
[sendresults=<bool>]
[sendpdf=<bool>]
Or
Try adding them in savedsearches.conf
action.email.from = <email address>
* Set an email address to use as the sender's address.
* Defaults to splunk@<LOCALHOST> (or whatever is set in alert_actions.conf).
What goes around comes around. If it helps, hit it with Karma 🙂
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I tried using the sendemail command but I didn't see the password entry field for the email sent
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Do you mean you want to set the username/password for the server authentication during sendmail ? If yes, then username= and password= should work though they are not mentioned in the doc.
def mail(email, argvals, ssContent, sessionKey):
sender = email['From']
use_ssl = normalizeBoolean(ssContent.get('action.email.use_ssl', False))
use_tls = normalizeBoolean(ssContent.get('action.email.use_tls', False))
server = ssContent.get('action.email.mailserver', 'localhost')
username = argvals.get('username', '')
password = argvals.get('password', '')
What goes around comes around. If it helps, hit it with Karma 🙂
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi renjith.nair !
sourcetye=error | stats count by email | sendmail to=....
I want the receiver in "sendmail" is the result of query "stats count by email"
For example:
If we have 3 emails from the "stats count by email"
Then the query "sendmail" will send email to the 3 above emails.
Thanks in advance!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
oh! thank you so much
Enterprise Security Content Update (ESCU) | New Releases
Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?
Index This | What are the 12 Days of Splunk-mas?
