All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Why am I getting "An unexpected TLS packet was received" trying to install Splunk for Palo Alto Networks in Splunk Light 6.3.2 on Ubuntu 14.04.3 LTS?

mjung
New Member
‎01-06-2016 02:09 PM

Hello,

I'm trying to install the Splunk for Palo Alto Networks Addin/App for Splunk onto an instance of Splunk Light running on top of Ubuntu 14.04.3 LTS. The installation instructions indicate the package may be downloaded directly (which I have done) or installed from git.

I have attempted the git method, but I am getting an error as below:

fatal: unable to access 'https://github.com/PaloAltoNetworks-BD/SplunkforPaloAltoNetworks.git/': gnutls_handshake() failed: An unexpected TLS packet was received.

I'm not sure how to handle the direct download installation method. There doesn't appear to be instructions for this. I downloaded the .tgz and extracted to the /opt/splunk/etc/apps directory and restarted Splunk, but I don't see anything. Note that I am using Splunk Light and not Splunk Enterprise - I don't think the light version supports downloading apps from the apps homepage as is described in the documentation.

By the way, I am pretty inexperienced with Splunk so I apologize in advance if I omitted anything here.

Any help would be appreciated. Thank you.

0 Karma
Reply

kchamplin_splun
Splunk Employee
Splunk Employee
‎01-06-2016 02:33 PM

In general, packaged apps are not supported inside of Splunk Light - I think that this includes 3rd party apps that are prebuilt.
http://www.splunk.com/en_us/products/splunk-light/splunk-light-vs-splunk-enterprise.html

Also the error you're seeing is likely to do with git, not anything Splunk related. You might be able to use apt-get to install a version of git that supports openssl instead of gnutls, but that's an Ubuntu / git thing, not a Splunk thing.
http://askubuntu.com/questions/186847/error-gnutls-handshake-failed-when-connecting-to-https-servers

0 Karma
Reply

btorresgil
Builder
‎01-06-2016 02:22 PM

Hi mjung,

The Palo Alto Networks App for Splunk is an App for Splunk Enterprise, not Splunk Light. Compatibility is indicated on the app's homepage: https://splunkbase.splunk.com/app/491

0 Karma
Reply

mjung
New Member
‎01-06-2016 02:10 PM

Sorry I forgot to say Splunk is running as Splunk Light Version 6.3.2. We do have a license - it is not the free version.

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...