All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

OPSEC-LEA issues

universal666888
New Member
‎10-19-2013 04:48 AM

Environment:
Checkpoint firwall R75.40 (IP:172.16.10.1/24)

Management Server R75.40 (IP:172.16.10.2/24)

Splunk server(CentOS6.4 x86_64) (IP:172.16.10.190/24)



I discribe the issue as follows:


In Splunk server,the Last connection status is "Never Connected",can anyone have some ideas?
The splunk server , I used the command "cat web_service.log" displayed :
2013-10-19 19:03:54,450 INFO [52626719af1c7db10] root:536 - CONFIG: version_label (str): 5.0.5
2013-10-19 19:03:54,450 INFO [52626719af1c7db10] root:536 - CONFIG: version_number (str): 5.0.5
2013-10-19 19:03:54,450 INFO [52626719af1c7db10] root:536 - CONFIG: x_frame_options_sameorigin (bool): True
2013-10-19 19:03:54,468 INFO [52626719af1c7db10] root:134 - ENGINE: Bus STARTING
2013-10-19 19:03:54,478 INFO [52626719af1c7db10] root:134 - ENGINE: Started monitor thread 'TimeoutMonitor'.
2013-10-19 19:03:54,600 INFO [5262671a982a3c810] root:134 - ENGINE: Started monitor thread 'Monitor'.
2013-10-19 19:03:54,692 INFO [52626719af1c7db10] root:134 - ENGINE: Serving on 0.0.0.0:8000
2013-10-19 19:03:54,693 INFO [52626719af1c7db10] root:134 - ENGINE: Bus STARTED
2013-10-19 19:04:27,328 INFO [5262673b082a3cb90] root:134 - ENGINE: Started monitor thread 'Monitor'.
2013-10-19 19:04:27,332 ERROR [5262673b082a3cb90] config:81 - [HTTP 401] Client is not authenticated
Traceback (most recent call last):
File "/opt/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/config.py", line 79, in getServerZoneInfo
return times.getServerZoneinfo()
File "/opt/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/times.py", line 158, in getServerZoneinfo
serverStatus, serverResp = splunk.rest.simpleRequest('/search/timeparser/tz')
File "/opt/splunk/lib/python2.7/site-packages/splunk/rest/init_.py", line 477, in simpleRequest
raise splunk.AuthenticationFailed
AuthenticationFailed: [HTTP 401] Client is not authenticated2013-10-19 19:04:33,427 INFO [52626741652a4bbd0] account:256 - user=admin action=login status=success session=7140f70f31e393420c3417d0c485107a reason=user-initiated useragent="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E)" clientip=172.16.10.5
2013-10-19 19:04:33,766 INFO [52626741717fb7381d9750] cached:77 - memoized decorator used on function with non hashable arguments
[root@splunk splunk]#

Can anyone give some suggestion?

0 Karma
Reply

araitz
Splunk Employee
Splunk Employee
‎10-23-2013 09:12 AM

It seems that you are having problems connecting to the MDMS. Can you open a support case so we can take a look at your diag file?

0 Karma
Reply

piebob
Splunk Employee
Splunk Employee
‎10-20-2013 02:57 PM

can you be more specific about what you are doing when the error occurs? are you trying to use the Splunk add-on for OPSEC-LEA? please also provide a more descriptive title for this question? otherwise, other users will not know what you are asking about.

0 Karma
Reply
Get Updates on the Splunk Community!

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...

Updated Team Landing Page in Splunk Observability

We’re making some changes to the team landing page in Splunk Observability, based on your feedback. The ...

New! Splunk Observability Search Enhancements for Splunk APM Services/Traces and ...

Regardless of where you are in Splunk Observability, you can search for relevant APM targets including service ...