Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Email alert changes

pratapa
Explorer
‎01-15-2020 10:38 PM

Hi,

In our environment, email ID in the TO field has changed for one of the alerts.

How to know when the email ID has changed. What was the previous email ID. Will this be logged in any log file.

Pratapa

Tags (1)
0 Karma
Reply

soumyasaha25
Contributor
‎01-16-2020 03:17 AM

have a look in index=_internal source=*python.log* there you can have a look at the subject field that shows the alert name and the recipients filed shows the list of email ids.
you can compare by dunning the search over different times and see the difference in the recipients to find out which email ids were changed.

Reply
Get Updates on the Splunk Community!

Index This | Forward, I’m heavy; backward, I’m not. What am I?

April 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

A Guide To Cloud Migration Success

As enterprises’ rapid expansion to the cloud continues, IT leaders are continuously looking for ways to focus ...

Join Us for Splunk University and Get Your Bootcamp Game On!

If you know, you know! Splunk University is the vibe this summer so register today for bootcamps galore ...