After upgrading to 6.1, our email alerts have stopped sending.
In the splunkd.log I'm getting the following line
01-13-2015 07:25:06.258 -0500 ERROR ScriptRunner - stderr from 'C:\Program Files\Splunk\bin\PYTHON.EXE C:\Program Files\Splunk\etc\apps\search\bin\sendemail.py "results_link=https://splunk.secureiq.ca:8000/app/search/@go?sid=scheduler__admin__search__RMD50a13d0b190b0c032_at_1421151900_1351" "ssname=Alert: Error Message from Windows Application Event Log" "graceful=True" "trigger_time=1421151905" results_file="C:\\Program Files\\Splunk\\var\\run\\splunk\\dispatch\\scheduler__admin__search__RMD50a13d0b190b0c032_at_1421151900_1351\\results.csv.gz"': ERROR:root:missing required argument: to. Please specify at least on email recipient as: "to=address@example.com"
I've tried putting the email info in the Alerts Search string, and emails are sent, however the alerts are triggered on a Cron schedule every 5 mins, so each alert sends an email every 5 mins whether there's anything to report or not.
I've also tried replacing sendemail.py and sendemail_handler.py with those below and restarting Splunk....
https://github.com/edo17/splunk/blob/master/etc/apps/search/bin/sendemail.py
https://github.com/edo17/splunk/blob/master/etc/apps/search/bin/sendemail_handler.py
Am still getting the same error in the log.
Can anyone help with this?
... View more