These docs are for Cribl Stream 4.8 and are no longer actively maintained.
See the latest version (4.11).
Email Notification Targets
You can send notifications by email, using an SMTP server of your choice. Once you have configured the email notification target, you can specify the recipients and customize the subject line and message content. See Email Notifications for details on configuring an email Notification.
To add an email Notification target in Cribl Stream, go to Manage > Notifications > Targets > Add Target.
If you are a Cribl.Cloud user with an Enterprise license, you can use the default email Notification target. This target requires no configuration.
General Settings
Target ID: Enter a unique name to identify this email Notification target.
Configuration
Address: Identify the SMTP server by its hostname or IP address.
Port: Set the SMTP port. Use port 587 for SMTP Secure (SMTPS). Use 465 when SSL/TLS is enabled. You can also use port 2525 if your email service provider supports this port as a backup when other ports are blocked by a network provider or a firewall.
In Cribl.Cloud, Enterprise orgs can use system_email – the default email notification target – and avoid configuring an SMTP server. If you do wish to configure an SMTP server in Cribl.Cloud, use any port other than port 25.
Encryption type: Specify the encryption type used to secure SMTP communication. Options include:
- STARTTLS: Select this option to start the connection as plaintext, then upgrade it to a TLS-encrypted one if the server supports it. If the server doesn’t support it, the connection remains plaintext.
STARTTLS upgrades the connection to be encrypted but does not authenticate the server. Take additional steps to prevent man-in-the-middle attacks.
- Require STARTTLS: Select this option to require TLS. If the server doesn’t support a secure connection, the connection will be dropped.
- TLS (SMTPS): Select this option to use an encrypted connection from the start without requiring a subsequent connection upgrade.
- None: Select this option to use a plaintext connection.
Minimum TLS version: Optionally, select the minimum TLS version to use when connecting.
Maximum TLS version: Optionally, select the maximum TLS version to use when connecting.
Validate server certs: Toggle to Yes to reject certificates that are not authorized by a CA in the CA certificate path or by another trusted CA (such as the system’s CA).
From: Identify the email address of the sender.
Authentication
Username: The authentication principal (if required).
Password: The authentication credential (if required).
Testing Email Notification Targets
When you finish configuring your email Notification target, you can manage it, using the following options.
Click Save & Test Target to save your target and open a modal where you can enter an email to test your email Notification target. After configuration, the button text changes to Test Target.
Default Email Notification Target for Cribl.Cloud Enterprise Orgs
For Cribl.Cloud Enterprise orgs, a default email Notification target is available for Cribl Stream, Edge, and Search. You can use this target to route any email Notification to any valid email address.
This target appears in the Notifications > Target modal as system_email. You cannot modify or remove this target.
The system_email Notification target is managed by Cribl. It will be disabled in the unlikely event of abuse. If this target is disabled for a workspace, a log entry will appear in the Notifications Service logs. Select Monitoring > Logs > Notifications Service to view this log.
The
system_emailemail Notification target is available only for Cribl.Cloud Enterprise organizations.
Sending Domain for Cribl.Cloud Email Notifications
Every Cribl.Cloud workspace and organization has a unique address for its email Notification target. Messages sent using this target will have a sender’s address in the form do-not-reply@<workspace>-<org>.criblcloud.email. To ensure delivery, recipients should add the criblcloud.email domain to their email allowlists.