How to Configure Email Alerting using Gmail SMTP in SPLUNK

How to Configure Email Alerting using Gmail SMTP in SPLUNK

Step1: Configure Email Settings In SPLUNK

Configuring SPLUNK to connect to the gmail servers is very simple.

In Splunk, navigate to: “Settings > Server Settings > Email  settings

1) There you have to configure “Mail Server Settings”.

Example :-  Mail host =

Email security = Enable TLS


Password = ******** ( YOUR_GMAIL_PASSWORD )

Confirm Password = ********


2) Now configure the “Email Format”.


3) Now click on save.


Step2: Gmail account settings

1) At first you have to sign in into your gmail account through your credentials.




2)Then you have to allow lesssecureapps option of your account.

Now you have to go the for allow the less secure apps. Now your gmail is fully configured to get the email alert from the SPLUNK server.



Step3: Create an alert.

For creating an alert at first you have to write a query and save as an alert.



 Step4: Configure the alert.

  1. Give the alert name and description.Here we configure this alert which will be generated in every two minutes.The query will show the data of last 24 hours output as a result.


  1. Now you have to set the “Trigger Conditions” as per your requirement.
You can also know about :  How To Pass Country Value From a Cluster Map using Drilldown

Here we have set the “Trigger Conditions” as Number of Results is greater than 0 . Also set the Trigger as Once.


  1. Set the “Trigger Actions”

Click on  the “Add Actions” and select the “send email” option.


  1. Now set the “send email”

Here you give your gmail address and also can set the Priority. You can include multiple options as per your requirement. Then click on save.

Now whenever the condition will match ,alert will be generated and  the results will be forwarded to your gmail.


Step5: Check the gmail account.

You can check your gmail account.There you will find the SPLUNK alert and also can see the results.




Hope this has helped you in achieving the below requirement without fail :

How to Configure Email Alerting using Gmail SMTP in SPLUNK

Happy Splunking !!



  1. Hi,

    I would like to know how we can index email attachment contents into Splunk ?

    For example : If I send a mail to you with an attachment, I would like to get the contents in the attachment indexed into splunk


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.