All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Issues after upgrading jms_ta from version 1.3.6 to 1.3.8

rajanala
Path Finder
‎03-27-2015 11:49 AM

Had a working system with jms_ta 1.3.6 until the OS updates to patch SSL3 took place.

Current System details:
We now upgrade from jms_ta 1.3.6 to jms_ta 1.3.8
Splunk: 5.0.3 Universal Forwarder
java version "1.7.0_75"
OpenJDK Runtime Environment (rhel-2.5.4.0.el6_6-x86_64 u75-b13)
OpenJDK 64-Bit Server VM (build 24.75-b04, mixed mode)

ISSUE:
We were not able to make jms_ta 1.3.8 work.

Tested the settign with the followign command:
python /opt/splunk/etc/apps/jms_ta/bin/jms.py --scheme
Error: Could not find or load main class com.splunk.modinput.jms.JMSModularInput

splunkd.log shows these errors:
-0500 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/jms_ta/bin/jms.py" Error executing modular input : Server chose TLSv1, but that protocol version is not enabled or not supported by the client. : java.lang.RuntimeException: Server chose TLSv1, but that protocol version is not enabled or not supported by the client.
-0500 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/jms_ta/bin/jms.py" at com.splunk.HttpService.send(HttpService.java:370)
-0500 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/jms_ta/bin/jms.py" at com.splunk.Service.send(Service.java:1268)
-0500 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/jms_ta/bin/jms.py" Caused by: javax.net.ssl.SSLHandshakeException: Server chose TLSv1, but that protocol version is not enabled or not supported by the client.

Request for help in resolving the issue.

Reply

rajanala
Path Finder
‎05-08-2015 07:04 AM

Fixed the issue by:
1) Upgrading Splunk Forwarder from 5.X to 6.X.
2) Upgrading jms_ta to 1.3.8

0 Karma
Reply

Damien_Dallimor
Ultra Champion
‎05-08-2015 07:16 AM

FYI:

Splunk 5 does not support TLSv1.2.
JMS 1.3.8 uses TLSv1.2

0 Karma
Reply

rajanala
Path Finder
‎04-07-2015 08:08 AM

I would like to download and test with jms_ta 1.3.7 but Splunk defaults to jms_ta 1.3.8 .

0 Karma
Reply
Get Updates on the Splunk Community!

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

Take a look below to explore our upcoming Community Office Hours, Tech Talks, and Webinars this month. This ...

They're back! Join the SplunkTrust and MVP at .conf24

With our highly anticipated annual conference, .conf, comes the fez-wearers you can trust! The SplunkTrust, as ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...