Hi All,
Today my users claiming that they are not receiving email alerts from splunk: Below are the steps taken to verify the same:
1) Verified in triggered alerts -- i see a count in triggered alerts
2) verified python.log -- dint find any errors, rather i see events that say email sent to so and so address.
When i check the linux email log \var\log\maillog is find below error message:
postfix/local[number]: number:to =<xyz.localdomain>,orig_to=<splunk>, relay=local,delay=0.1,dsn=X.Y.Z,status=bounced (cannot update mialbox /var/mai/splunk for splunk. error writing message: file too large)
is this related to size of the email?
is this problem with SMTP?
i see CHMOD errors in \var\mail\splunk....
Any one faced this kind of situation, help in this regard is highly helpful.
Thanks in advance!
↧