Configured the eStreamer app in Splunk with no issues. Cert is copied over to the splunk. Verified port 8302 is open.
But when i run the scriot clieni_check.py seeing the below error
Setting up auth certificate
SFPkcs12 : Processing /home/splunk/bin/scripts/10.0.0.201.pkcs12
SFPkcs12 : Writing ./server.crt
SFPkcs12 : Writing ./server.key
Retrieving metadata from file
Starting bookmark is 1398245642
Connecting to 10.0.0.136 port 8302
Can't connect to 10.0.0.136 port 8302: IO::Socket::INET configuration failederror:00000000:lib(0):func(0):reason(0)
This sounds like it may be an issue with the Defense Center not accepting the connection; most likely due to the Splunk system IP not matching that of the client certificate when it was generated. When you generated the certificate, did you use a hostname? If so, can the DC match the hostname to that of the Splunk system the eStreamer client is running on? Keep in mind any NATs that may be in there as well.