Getting Data In

Email data/content to Splunk index?

the_wolverine
Champion

Has someone come up with a way to send an email that would inject the contents of the email into Splunk?

Tags (2)
0 Karma
2 Solutions

sideview
SplunkTrust
SplunkTrust

You can set up the imap app, aka 'mail' app, and then email anything you like to the email account that it's periodically indexing.

n

View solution in original post

gkanapathy
Splunk Employee
Splunk Employee

Yes. The IMAP application would do that. If you set up an IMAP server to receive messages, and use the Splunk for IMAP scripted input/app to fetch the messages from there.

In principle, a similar application could be made for a POP mail server. It's probably best to use something like this that leverages an existing mail infrastructure and server so as to avoid having to maintain your own.

View solution in original post

gkanapathy
Splunk Employee
Splunk Employee

Yes. The IMAP application would do that. If you set up an IMAP server to receive messages, and use the Splunk for IMAP scripted input/app to fetch the messages from there.

In principle, a similar application could be made for a POP mail server. It's probably best to use something like this that leverages an existing mail infrastructure and server so as to avoid having to maintain your own.

royimad
Builder

Hello, I'm facing exactly the same situation.
Any idea how to use IMAP, the needed steps ?

0 Karma

sideview
SplunkTrust
SplunkTrust

You can set up the imap app, aka 'mail' app, and then email anything you like to the email account that it's periodically indexing.

n

Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...