Security

Error: "EOF when reading a line"

ww9rivers
Communicator

The app's configuration seems really simple, which makes me wonder if I am missing anything -- and here is what I have:

  • What is the IP Address and Port of the InterMapper Web Server? -- IP-only (no port number -- is that required?)
  • What is the name of the map you would like to be displayed on login by default? (Case sensitive) -- Copied and pasted a name from the web server's map list.
  • Do you require a HTTPS connection? -- checked.

When accessing the app in Splunk, I get an error message "EOF when reading a line".

So my questions are:

  1. Does the app not need an account to access the web server?
  2. If so, where do I configure that?
  3. If not, how do I make the web server accessible to the InterMapper app in Splunk?
  4. We have 3 InterMapper servers, each operating its own web server. Do I need to run multiple instances of the InterMapper app to get access to all the maps?

Thank you much for the app and your support would be much appreciated.

Wei Wang


InterMapper
Explorer

Hello Wei, thanks for your interest.
There is an install guide here: $SPLUNK_HOME/etc/apps/InterMapper/install.html

Questions 1, 2, 3: The app can use any account, and the account info is not entered anywhere in the app; it uses auto log on from the Splunk server IP.
[from guide] Ensure you add an access control list to enable access from the IP of the Splunk machine and any potential users that will be accessing the Splunk App from the Firewall to Web Server based on IP Address box at the bottom of the same settings screen.
Next you need to add a user for Splunk to access the web server. From the same server settings screen select Users. Here you need to add a user with an automatic login from the Splunk server IP. At present there is no authentication between the Splunk server and the InterMapper server, all access is handled by the access list and the automatic login IP.
Once you have added the user you must click and drag it into the Administrators group as Splunk requires elevated privileges to export details about the maps contained within InterMapper.
Finally, you need to ensure that the newly added user actually has access to the maps which you have created and want users to be able to access via the Splunk app. To do this from the Server Settings window go to the Map Access option below Users. From here you need to ensure that the Splunk user has web access to each map you want it to be able to view and export information about.

Question 4: Currently the app only supports one location (web server) to grab maps. A map status probe on the main server to the two other servers would show the status of maps on other servers, but not the actual maps. I'll work to get a date on this feature.

Overview on how the app works:

The app is based on operational experience from implementing online service monitoring for a few large customers.
They use Splunk as their “single pane,” and InterMapper as a flexible data source of active monitoring.

  • InterMapper sends notifications via syslog to Splunk
  • The Splunk app uses the InterMapper web server API for images etc.
  • The Splunk app uses a .csv output of an InterMapper Layer2 probe for the switch information
  • The app organizes, formats and correlates those sources for easy use.

I hope that helps. Let me know if there are any issues or follow-up questions.

Gurdev Sethi
Product Manager
InterMapper


ww9rivers
Communicator

Thank you very much for the response. I should have downloaded the package and looked inside myself -- it was already installed when I got started on it.

I have created a "splunk" user in one InterMapper server with auto-login enabled from one Splunk server. Relaunching the app in Splunk, I get the default map, device and map lists, etc. But I do still have a few issues:

  1. Adding notifier to all devices -- We already have a notifier that is doing that. So I wonder if I could forward that data to Splunk instead of adding an additional notifier. Besides, it seems desirable for us to forward other logs from InterMapper to Splunk.
  2. Adding a comment "switch" to all devices -- That field is already used for other purposes. We may be able to append the text "switch" to the comments, but that seems to only be doable through a script.

So, at this point, I don't have any notification from InterMapper, and most of the devices are unclassified. I will need to do more to make this app really useful.

Thanks again,

Wei Wang
