Splunk Enterprise Security

How to change the "From" address when an alert email is generated

vikram1583
Explorer

we are using Splunk Cloud i want to modify from address(Splunk Cloud alerts@splunkcloud.com ) and want to use custom email when an alert email is generated

0 Karma

koshyk
Super Champion

you have quite lot of configuration available , but not sure how much admin rights you got with Cloud

Please see the link for configurations : https://docs.splunk.com/Documentation/Splunk/8.0.2/Alert/Emailnotification

The specific one would be:

Send emails as  (Optional) Specify a sender identification, used in the From email header field. Use an email address or a string. Strings are concatenated with @<hostname>, using the hostname specified in alert_actions.conffor the machine sending the email notification or @localhost if no hostname is specified. Defaults to splunk@<hostname> or splunk@localhost if no hostname is specified.

Or via GUI, the base settings are
As an admin go to Settings -> Server settings -> Email settings -> Send emails as and set to proper value.

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...