When setting up alerts that send emails, I find it nice to be able to send the sample alerts to a local SMTP server. It’s useful for testing my thresholds and to rule out spam or mail routing rules. Luckily for us, the Python shipped with Splunk also comes with smtpd.py, which is very easy to setup.
Using a terminal, run the following from the $SPLUNK_HOME/bin directory:
./splunk cmd python -m smtpd -n -d -c DebuggingServer localhost:2500
Under the Email Alert setting menu, set the Mail host value to localhost:2500
Setup your alert as you normally would. You can put in anything for the email as the email won’t actually be sent anywhere.
You should now see the message in STDOUT if everything is configured correctly.
