Reply
Accepted Solution

Splunk sendmail command

Expert
Posts: 181
4839     0

I'm trying to get alerts to send to a dynamic email address using the splunk sendmail command in the query line.  I'm not getting any errors but also not getting the emails out.  There are a lot of pieces to trouble shoot and before I spend any more time, I want to see if anyone else has gotten this to work.  

https://docs.splunk.com/Documentation/Splunk/6.4.2/SearchReference/Sendemail

We have the email of the responsiable group for each network saved as an EA.  Currently using the perl API, ibgraph, and smtp pulls, we scan for DHCP scopes that are getting full and send a email to the correct support person \ group for that network.  I'm trying to duplicate that functionality with the reporter tool. 

Re: Splunk sendmail command

Adviser
Posts: 118
4840     0

This worked for me in my lab environment. Couple of things to check:

 

  1. Does your smtp server require authentication?
  2. Does the email altert function work?
  3. Can your reporting member resolve DNS? If you are not sure try using the IP of the smtp server if you aren't already.

 

I did come across a few errors before I got it to work, so I know it does produce errors.

Re: Splunk sendmail command

Expert
Posts: 181
4840     0

Thank you for conformation that it does work.

I'll dig back into it and see if I can get it going now that I've gotten past the issue with average vs max DHCP range utilization and report frequency that I was working on in the other thread.

 

Showing results for 
Search instead for 
Do you mean 

Recommended for You