Hello Splunk Community,
I have two search heads.
1 search head is able to send out email alerts and the other one can't.
I am using Amazon SES as the Mail Host. Each Search Head has a unique Access Key and setup the secret key.
I can't figure out why 1 of the search heads can not send an email out and the other can.
I used the sendemail command on the server with the issue and this is the error message I am getting:
command="sendemail", (535, b'Authentication Credentials Invalid') while sending mail to:<myEmailAdress>
Thoughts?
I used the sendemail command on the server with the issue and this is the error message I am getting:
command="sendemail", (535, b'Authentication Credentials Invalid') while sending mail to:<myEmailAdress>
You answered your own question: on that problematic server, credential is not set up correctly. (Did you get similar errors in splunk.log?)