we are using Splunk Cloud i want to modify from address(Splunk Cloud alerts@splunkcloud.com ) and want to use custom email when an alert email is generated
you have quite lot of configuration available , but not sure how much admin rights you got with Cloud
Please see the link for configurations : https://docs.splunk.com/Documentation/Splunk/8.0.2/Alert/Emailnotification
The specific one would be:
Send emails as (Optional) Specify a sender identification, used in the From email header field. Use an email address or a string. Strings are concatenated with @<hostname>, using the hostname specified in alert_actions.conffor the machine sending the email notification or @localhost if no hostname is specified. Defaults to splunk@<hostname> or splunk@localhost if no hostname is specified.
Or via GUI, the base settings are
As an admin go to Settings
-> Server settings
-> Email settings
-> Send emails as
and set to proper value.