The correlation rule email action is not working.

A correlation rule was created to fire on a particular event and then execute an email action. The correlation rule fires but the email action is not executed.

 

The following error is appearing multiple times in the server0.0.log

 

Thu Aug 22 13:38:48 EDT 2013|SEVERE|pool-30-thread-1|esecurity.ccs.comp.script.executor.JavaScriptExecutor.execute
 ; Exception JavaException: java.lang.IllegalArgumentException: Error sending email: No recipients specified. (/var/opt/novell/sentinel/data/server.cache/javascript_action_plugins/Send_EMail_751929F21936102B8518001321B5C0B3_254939542167378675/main.script#277); org.mozilla.javascript.JavaScriptException;
Thu Aug 22 13:38:48 EDT 2013|SEVERE|pool-30-thread-2|esecurity.ccs.comp.script.executor.JavaScriptExecutor.execute
 ; Exception JavaException: java.lang.IllegalArgumentException: Error sending email: No recipients specified. (/var/opt/novell/sentinel/data/server.cache/javascript_action_plugins/Send_EMail_751929F21936102B8518001321B5C0B3_

254939542167378675/main.script#277);

 

The email action has been tested outside of correlation and worked successfully.

The error in the server0.0.log is somewhat misleading for this particular situation because there are recipients specified to recieve emails and the email action was tested to confirm the recipient recieved an email.

 

In this situation the correlation rule was misconfigured.  The rule was set to fire every time an event occurred, however said event occurred many times per minute\second which in turn would try to send an email action.   This resulted in more email actions than the system could handle.