Alerting

How to configure email alert using gmail smtp?

melonman
Motivator

Hi

I was trying to configure email alert to deliver scheduled saved search result.
The SMTP server I was trying to use is gmail SMTP.

The configuration in Email alert settings -> Mail Server Settings is:

Mail Host -> smtp.gmail.com:465
# Enable SSL checked

Username -> @gmai.com
Password ->
...

Is there any misconfiguration or limitation of SMTP server?
Does anyone know how to use gmail SMTP with splunk email alering?

Thank you!

Tags (1)
1 Solution

itinney
Path Finder

Hi,
What works for me is to use port 587 and use TLS in place of SSL.

If you try to test using the "sendemail" search command then I found that it does not seem to pick up every setting from alert_actions.conf file so I had to specify some of them for it to start working. This includes the undocumented argument "use_tls" which you can find in the sendemail.py script.

The following search worked for me and I then used these settings in alert_actions.conf (configured through the UI):
index=_internal | head 1 | sendemail to="name@my.email.domain" format="html" server=smtp.gmail.com:587 use_tls=1

View solution in original post

sherm77
Path Finder

himynamesdave
Contributor

@sherm77 kudos coming your way!

0 Karma

saurabh_tek
Communicator

Thanks @himynamesdave for sharing the updated link

0 Karma

ashish_test
New Member

Hi, I'm getting error as "command="sendemail", [Errno 11001] getaddrinfo failed while sending mail to: xxxx.xxxx@gmail.com.
I'hv faced to same error [Errno 11001] while testing integration with servicenow with the help of servicenow app. I think there is something wrong with my system settings? Can you please help.

Python log shows below error-
2013-10-28 19:06:29,036 DEBUG Preloading from 'C:\Program Files\Splunk\var\run\splunk\merged\web.conf'.
2013-10-28 19:06:29,038 DEBUG simpleRequest > GET https://127.0.0.1:8089/servicesNS/nobody/search/admin/alert_actions/email [] sessionSource=direct
2013-10-28 19:06:29,448 DEBUG simpleRequest < server responded status=200 responseTime=0.4110s
2013-10-28 19:06:29,457 ERROR Sending email. subject="Splunk Results", results_link="None", recipients="['XXXX.XXXXx@gmail.com']"

0 Karma

itinney
Path Finder

Hi,
What works for me is to use port 587 and use TLS in place of SSL.

If you try to test using the "sendemail" search command then I found that it does not seem to pick up every setting from alert_actions.conf file so I had to specify some of them for it to start working. This includes the undocumented argument "use_tls" which you can find in the sendemail.py script.

The following search worked for me and I then used these settings in alert_actions.conf (configured through the UI):
index=_internal | head 1 | sendemail to="name@my.email.domain" format="html" server=smtp.gmail.com:587 use_tls=1

melonman
Motivator

Thanks for answers and tips!

0 Karma

itinney
Path Finder

Oh and when you test the Scheduled Alert, don't forget to disable it so you don't get 50 alert emails in your inbox 😉

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...