Splunk OTEL Collector throwing Timeout and Authent...

devsru · ‎09-26-2023

We are seeing some Timeout and Authentication error while collecting data from OTEL kubernetes collector through HEC, Could anyone please let me know if there is a need to change limits in config files.

Below are the errors

2023-09-26T14:47:17.613Z info exporterhelper/queued_retry.go:433 Exporting failed. Will retry the request after interval. {"kind": "exporter", "data_type": "metrics", "name": "splunk_hec/platform_metrics", "error": "Post \"https://xyz:8088/services/collector\": net/http: request canceled (Client.Timeout exceeded while awaiting headers)", "interval": "2.769200676s"}

2023-09-26T14:47:11.590Z error exporterhelper/queued_retry.go:401 Exporting failed. The error is not retryable. Dropping data. {"kind": "exporter", "data_type": "metrics", "name": "splunk_hec/platform_metrics", "error": "Permanent error: \"HTTP/1.1 401 Unauthorized\\r\\nContent-Length: 148\\r\\nCache-Control: private\\r\\nConnection: Keep-Alive\\r\\nContent-Type: text/xml; charset=UTF-8\\r\\nDate: Tue, 26 Sep 2023 14:47:11 GMT\\r\\nServer: Splunkd\\r\\nVary: Authorization\\r\\nX-Content-Type-Options: nosniff\\r\\nX-Frame-Options: SAMEORIGIN\\r\\n\\r\\n<?xml version=\\\"1.0\\\" encoding=\\\"UTF-8\\\"?>\\n<response>\\n <messages>\\n <msg type=\\\"WARN\\\">call not properly authenticated</msg>\\n </messages>\\n</response>\\n\"", "dropped_items": 31}

Splunk OTEL Collector throwing Timeout and Authentication error.

data

HTTP Event Collector

indexer

JSON

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...

Splunk APM: New Product Features + Community Office Hours Recap!

Index This | Forward, I’m heavy; backward, I’m not. What am I?