Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Why is one search head able to send out email alerts but not the other?

Golgie
Loves-to-Learn Lots
‎08-02-2022 02:53 PM

Hello Splunk Community, 

I have two search heads. 

1 search head is able to send out email alerts and the other one can't.

I am using Amazon SES as the Mail Host. Each Search Head has a unique Access Key and setup the secret key. 

I can't figure out why 1 of the search heads can not send an email out and the other can.  

I used the sendemail command on the server with the issue and this is the error message I am getting:

command="sendemail", (535, b'Authentication Credentials Invalid') while sending mail to:<myEmailAdress>

Thoughts? 



Labels (1)
Labels
0 Karma
Reply

yuanliu
SplunkTrust
SplunkTrust
‎08-02-2022 05:16 PM
I used the sendemail command on the server with the issue and this is the error message I am getting:

command="sendemail", (535, b'Authentication Credentials Invalid') while sending mail to:<myEmailAdress>


You answered your own question: on that problematic server, credential is not set up correctly. (Did you get similar errors in splunk.log?)

Reply
Get Updates on the Splunk Community!

Modern way of developing distributed application using OTel

Recently, I had the opportunity to work on a complex microservice using Spring boot and Quarkus to develop a ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had 3 releases of new security content via the Enterprise Security ...

Archived Metrics Now Available for APAC and EMEA realms

We’re excited to announce the launch of Archived Metrics in Splunk Infrastructure Monitoring for our customers ...