All Apps and Add-ons

Integration between Splunk and SolarWinds

aalhabbash1
Path Finder

Hi Splunker;

We have integrated with SolarWinds since aug 2019, and Splunk receiving logs from it.

Suddenly Splunk stop receiving logs from SolarWind.

And when check splunkd.logs, I have got some errors, you can see the below error.

2019-11-28 05:02:44,961 +0000 log_level=ERROR, pid=12000, tid=Thread-4, file=engine.py, func_name=_send_request, code_line_no=302 | [stanza_name="SolwarWinds_Query"] HTTPError reason=HTTP Error [Errno 104] Connection reset by peer when sending request to url=https://10.0.11.131:17778/SolarWinds/InformationService/v3/Json/Query?query=select AuditEventID, TimeLoggedUTC, AccountID, typ.ActionTypeDisplayName, AuditEventMessage from dbo.AuditingEvents Ev inner join dbo.AuditingActionTypes typ on ev.ActionTypeID = typ.ActionTypeID method=GETTraceback (most recent call last): File "/data/splunk/etc/apps/Splunk_TA_SolarWinds/bin/splunk_ta_solarwinds/cloudconnectlib/core/engine.py", line 297, in _send_request url, method, headers=header, body=body File "/data/splunk/etc/apps/Splunk_TA_SolarWinds/bin/splunk_ta_solarwinds/cloudconnectlib/core/http.py", line 167, in request result = self._do_request(uri, method, headers, body) File "/data/splunk/etc/apps/Splunk_TA_SolarWinds/bin/splunk_ta_solarwinds/cloudconnectlib/core/http.py", line 220, in _do_request raise HTTPError('HTTP Error %s' % str(err)) HTTPError: HTTP Error [Errno 104] Connection reset by peer

HTTPError: HTTP Error Unable to find the server at https
2019-11-27 13:25:08,667 +0000 log_level=ERROR, pid=15511, tid=Thread-4, file=http.py, func_name=_do_request, code_line_no=219 | [stanza_name="Solarwinds_Alert"] Could not send request url=https://https//10.0.11.131:17778:17778/SolarWinds/InformationService/v3/Json/Query?

HTTPError reason=HTTP Error [Errno 104] Connection reset by peer when sending request to url=https://10.0.11.131:17778/SolarWinds/InformationService/v3/Json/Query?

Please help me in that as soon as possible.

Thank you

0 Karma
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...