- Apps and Add-ons
- :
- All Apps and Add-ons
- :
- IMAP on Shared Mailbox Windows
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
IMAP on Shared Mailbox Windows
Hi, trying to get this this working on windows. Put in the basic for the imap.conf I get the error below by directly running
1) splunk envvars
2) splunk cmd python "D:\Program Files\Splunk\etc\apps\IMAPmailbox\bin\get_imap_email.py"
D:\Program Files\Splunk\bin>splunk cmd python "D:\Program Files\Splunk\etc\apps\IMAPmailbox\bin\get_imap_email.py"
Traceback (most recent call last):
File "D:\Program Files\Splunk\etc\apps\IMAPmailbox\bin\get_imap_email.py", line 715, in <module>
parseArgs()
File "D:\Program Files\Splunk\etc\apps\IMAPmailbox\bin\get_imap_email.py", line 700, in parseArgs
imapProc.initFromOptlist(optlist)
File "D:\Program Files\Splunk\etc\apps\IMAPmailbox\bin\get_imap_email.py", line 133, in initFromOptlist
self.readConfig()
File "D:\Program Files\Splunk\etc\apps\IMAPmailbox\bin\get_imap_email.py", line 178, in readConfig
config.read(path)
File "D:\Program Files\Splunk\Python-2.7\Lib\ConfigParser.py", line 305, in read
self._read(fp, filename)
File "D:\Program Files\Splunk\Python-2.7\Lib\ConfigParser.py", line 512, in _read
raise MissingSectionHeaderError(fpname, lineno, line)
ConfigParser.MissingSectionHeaderError: File contains no section headers.
file: D:\Program Files\Splunk\etc\apps\IMAPmailbox\bin\..\local\imap.conf, line: 1
'\xef\xbb\xbf\n'
Here is my imap.conf:
[IMAP Configuration]
debug = 0
deleteWhenDone = 0
disabled = 0
fullHeaders = 0
includeBody = 1
noCache = 0
server = mail.myserver.com
useSSL = 1
user = userid
password=mypw
Any help is appreciated. Thank you!
Chris
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I was able to resolve the issue above with saving the imap.conf file on the server using wordpad. I was editing the file remotely over a mapped drive and I am not sure why but this resolved it.
My current issue is the account I am using to authenticate to exchange is not mail enabled but this is the account I need to use to access a shared mailbox. I have not found a way to use this account to authenticate then access a different mailbox that the account has permissions for.
Thoughts?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Changing the IMAP search got this working for me. I added the search to return all emails larger than 1 k. I'm deleting when done, which it doesn't look like you are. Even if you are not deleting and relying on the cache, I would change the search to emails larger than 1 k.
imapSearch = UNDELETED LARGER 1
Here's what I have for the config file:
[IMAP Configuration]
server = 192.168.#.##
user = userID
xpassword =
password = mypass
useSSL = true
port = 993
fullHeaders = False
includeBody = True
mimeTypes = text/richtext,text/plain,text/rtf
folders = Inbox
imapSearch = UNDELETED LARGER 1
deleteWhenDone = true
debug = true
noCache = true
splunkuser =
splunkpassword =
splunkxpassword =
splunkHostPath = https://localhost:8089
timeout = 10
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
May want to try adding a port=993 in the config if using SSL.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Ok, I think I see what is happening. It didn't like the character encoding of the conf file (must be a NIX thing vs Windows). I changed the encoding on the file and I'm getting a little further. Let's see how far I get.
Chris
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Have you tried changing the 0 & 1 to True and False? I know it's the same, but don't know how picky the app is with the config file. Mine are set to True and False.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Did you configure the inputs.config file? There is a difference with how *nix servers parse file paths and windows and that file needs to be configured. Something like this would be very cool to have in the GUI as a checkbox. I missed this when setting up the 1st time.
Below we define to script stanza exactly the same but with different path seperators.
This allows us to work on either windows or *nix.
Enable the input you need based on your OS:
on = "disabled = false"
off = "disabled = true"
Default email check is 5 minutes, or 300 seconds. Adjust as you wish.
*nix systems
[script://./bin/get_imap_email.py]
interval = 300
sourcetype = imap
source = imap
index = mail
disabled = true
windows
[script://.\bin\get_imap_email.py]
interval = 60
sourcetype = imap
source = imap
index = mail
disabled = false
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yep, did that from the beginning, my config below:
# *nix systems
[script://./bin/get_imap_email.py]
interval = 300
sourcetype = imap
source = imap
index = mail
disabled = true
# windows
[script://.\bin\get_imap_email.py]
interval = 300
sourcetype = imap
source = imap
index = mail
disabled = false
Thank you!
Chris
Introducing Splunk Enterprise 9.2
Adoption of RUM and APM at Splunk
Routing logs with Splunk OTel Collector for Kubernetes
