Add-on for sending email utilizing S.MIME - signatures and encryption app icon

Add-on for sending email utilizing S.MIME - signatures and encryption

Splunk Technology Add-on for sending **S/MIME signed and/or encrypted email** from: - a custom SPL command (`smimemail`) - a custom alert action (**Send S/MIME Email**) compatible with Splunk ES workflows

Built by
splunk product badge
Latest Version 1.1.0
March 16, 2026
Compatibility
Splunk Enterprise, Splunk Cloud
Platform Version: 10.3, 10.2, 10.1, 10.0, 9.4, 9.3
Rating

5

(3)

Log in to rate this app
Support
Add-on for sending email utilizing S.MIME - signatures and encryption support icon
Not Supported
Ranking

#38

in Email
Splunk Technology Add-on for sending **S/MIME signed and/or encrypted email** from: - a custom SPL command (`smimemail`) - a custom alert action (**Send S/MIME Email**) compatible with Splunk ES workflows It includes UI pages for SMTP/OAuth2 setup and certificate management. ## Current Capabilities | Capability | Status | |---|---| | S/MIME signing | PKCS#7 SignedData (detached), SHA-256 with RSA | | S/MIME encryption | PKCS#7 EnvelopedData, AES-256-CBC content encryption | | Recipient cert validation | Blocks send when recipient certs are missing/disabled (unless explicitly skipped in `smimemail`) | | SMTP transport | `none`, `starttls`, `ssl` | | OAuth2 mode | Uses client-credentials token and sends via **Microsoft Graph** raw MIME upload || Heavy Forwarder proxy | Route email delivery through an HF running **TA-smime-mailer-hf** || Alert action include options | Links, inline results, trigger metadata, CSV attachment | | Certificate monitoring endpoint | `| rest /servicesNS/nobody/ta-smime-mailer/smime_cert_monitor` |

Categories

Email, SIEM

Created By

Kamil Dolezel

Type

addon

Downloads

10

Licensing

Splunk End User License for Third Party Content(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing