When I run the cli below it works but fails because the python version on the Linux server is 2.6.6.
AWS_ACCESS_KEY_ID=... AWS_SECRET_ACCESS_KEY=... aws s3 sync /opt/splunk/aws_cisco/ s3://cisco-managed-us.../...
see https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
SNIMissingWarning
But Splunk is using version 2.7.13 which per the link above would work.
Is there a way to run the cli via a splunk cmd? My attempts have failed so far.
Whereas it probably can be done the final 'supported' solution was the python3 for RHEL6.
There is also a side note regarding syntax:
AWS_ACCESS_KEY_ID=... AWS_SECRET_ACCESS_KEY=... aws s3 sync /opt/splunk/aws_cisco/ s3://cisco-managed-us.../...
should have been written as:
AWS_ACCESS_KEY_ID=... AWS_SECRET_ACCESS_KEY=... aws s3 sync s3://cisco-managed-us.../.../ /opt/splunk/aws_cisco/
Because the goal was to sync the s3 bucket to the local storage at which point Splunk could read the files in the local storage and ingest the desired data.
Why not upgrade the version of python on the linux server? I don't think pathing it through Splunk would work due to the aws cli possible dependencies.
It has to be a version that RHEL supports.
Per a server tech "Red Hat has another Repo that has python3 for RHEL6 in it" so we are checking that now