Hello,
I found a solution to get the addon working on a splunk indexer with WAS jmx connection and enabled administrative security.
1. Download IBM SDK
download version 7 from http://www.ibm.com/developerworks/java/jdk/eclipse
2. Set environment variables
JAVA_HOME=D:\ibm_sdk70
SPLUNK_HOME=D:\Splunk
3. copy WAS' trust store to splunk instance
copy trust store to "D:/Splunk/etc/apps/Splunk_TA_jmx/trust.p12"
4. Enhance addon's jmx.py
# Set to True to use the MX4J JMX implementation
# USE_MX4J = True
# Set to True to test SSL
#TEST_SSL = True
TEST_SSL = False
[...]
#BOOTPATH = build_classpath(sep.join([MODINPUT_HOME, 'bin', 'lib', 'boot']), psep)
#if USE_MX4J:
# BOOTPATH = BOOTPATH + build_classpath(sep.join([MODINPUT_HOME, 'bin', 'lib', 'mx4j_boot']), psep)
#"-Xbootclasspath/p:" + BOOTPATH,
JAVA_ARGS = [JAVA_EXECUTABLE, "-classpath", CLASSPATH,
#"-Dcom.ibm.CORBA.enableClientCallbacks=true", # unknown property was set while testing
"-Dcom.ibm.CORBA.ConfigURL=file:D:\\Splunk\\etc\\apps\\Splunk_TA_jmx\\sas.client.props", # required for a secure connection to WAS
"-Dcom.ibm.SSL.ConfigURL=file:D:\\Splunk\\etc\\apps\\Splunk_TA_jmx\\ssl.client.props", # required for a secure connection to WAS
#"-Dcom.ibm.CORBA.Debug=true", # enable this to debug
#"-Dcom.ibm.CORBA.CommTrace=true", # enable this to debug
#"-Dcom.ibm.CORBA.Debug.Output=D\\Splunk\\etc\\apps\\Splunk_TA_jmx\\corba.log", # enable this to debug
"-Xms" + MIN_HEAP,
"-Xmx" + MAX_HEAP, "-Dconfighome=" + CONFIG_HOME,
"-Dsplunkhome=" + SPLUNK_HOME, JAVA_MAIN_CLASS]
if TEST_SSL:
TEST_SSL_ARGS = "-Djavax.net.ssl.trustStore=" + SPLUNK_HOME + "/etc/apps/Splunk_TA_jmx/bin/mx4j.ks"
JAVA_ARGS.insert(-1, TEST_SSL_ARGS)
5. copy sas.client.props from WAS & edit
com.ibm.CORBA.securityEnabled=true
[...]
com.ibm.CORBA.authenticationTarget=BasicAuth
com.ibm.CORBA.authenticationRetryEnabled=true
com.ibm.CORBA.authenticationRetryCount=3
com.ibm.CORBA.validateBasicAuth=false
com.ibm.CORBA.securityServerHost=
com.ibm.CORBA.securityServerPort=
com.ibm.CORBA.loginTimeout=300
com.ibm.CORBA.loginSource=properties
# RMI/IIOP user identity
com.ibm.CORBA.loginUserid=<admin user>
com.ibm.CORBA.loginPassword=<password>
[...]
# Does this client support stateful sessions?
com.ibm.CSI.performStateful=true
# Does this client support/require BasicAuth (userid/password) client authentication?
com.ibm.CSI.performClientAuthenticationRequired=false
com.ibm.CSI.performClientAuthenticationSupported=true
# Does this client support/require SSL client authentication?
com.ibm.CSI.performTLClientAuthenticationRequired=false
com.ibm.CSI.performTLClientAuthenticationSupported=false
# Note: You can perform BasicAuth (uid/pw) and SSL client authentication (certificate)
# simultaneously, however, the BasicAuth identity will always take precedence at the server.
# Does this client support/require SSL connections?
com.ibm.CSI.performTransportAssocSSLTLSRequired=true
com.ibm.CSI.performTransportAssocSSLTLSSupported=true
# Does this client support/require 40-bit cipher suites when using SSL?
com.ibm.CSI.performMessageIntegrityRequired=false
com.ibm.CSI.performMessageIntegritySupported=true
# Note: This property is only valid when SSL connections are supported or required.
# Does this client support/require 128-bit cipher suites when using SSL?
com.ibm.CSI.performMessageConfidentialityRequired=false
com.ibm.CSI.performMessageConfidentialitySupported=true
6. copy ssl.client.props from WAS & edit
# TrustStore information
com.ibm.ssl.trustStoreName=ClientDefaultTrustStore
com.ibm.ssl.trustStore=D:/Splunk/etc/apps/Splunk_TA_jmx/trust.p12
com.ibm.ssl.trustStorePassword=<password>
com.ibm.ssl.trustStoreType=PKCS12
com.ibm.ssl.trustStoreProvider=IBMJCE
com.ibm.ssl.trustStoreFileBased=true
com.ibm.ssl.trustStoreReadOnly=false
7. copy some WAS libs to addon
Copy following files from D:/IBM/WebSphere/AppServer/runtimes (WAS instance) to D:/Splunk/etc/apps/Splunk_TA_jmx/bin/lib (splunk indexer)
com.ibm.ws.admin.client_8.5.0.jar
com.ibm.ws.ejb.thinclient_8.5.0.jar
com.ibm.ws.orb_8.5.0.jar
Regards, Jens
... View more