https://community.splunk.com/t5/Getting-Data-In/Cisco-Security-map-errors/m-p/139350#M28653 <P>I'm testing Splunk 6. It's a single server with 1 data input configured (syslog UDP port 514). I'm receiving the messages from my firewalls fine and I can run manual searches on the logs. I'm trying out the Cisco Security Suite. Pretty much every time I try to use it either the map doesn't show any overlays or I get the following error.</P> <BLOCKQUOTE> <P>Traceback (most recent call last):<BR /><BR /> File "C:\Program<BR /> Files\Splunk\etc\apps\maps\appserver\modules\GoogleMaps\GoogleMaps.py",<BR /> line 53, in generateResults<BR /> for result in getattr(job, entity_name)[offset:end]: File<BR /> "C:\Program<BR /> Files\Splunk\Python-2.7\Lib\site-packages\splunk\search_<EM>init</EM><EM>.py",<BR /> line 1332, in __getitem</EM>_<BR /> self.job.pushValidation() File "C:\Program<BR /> Files\Splunk\Python-2.7\Lib\site-packages\splunk\search_<EM>init</EM>_.py",<BR /> line 637, in pushValidation<BR /> raise splunk.SearchException, fatality SearchException: Error in<BR /> 'script': Getinfo probe failed for<BR /> external search command 'geoip'</P> </BLOCKQUOTE> <P>I ran a test to isolate the issue by just running a manual search with geoip on the src_ip and it worked perfectly without an errors so I know that geoip is working. What could be causing these errors with the Cisco Security Suite and the map?</P> Mon, 28 Sep 2020 15:15:47 GMT adrianp 2020-09-28T15:15:47Z https://community.splunk.com/t5/Getting-Data-In/Cisco-Security-map-errors/m-p/139350#M28653 <P>I'm testing Splunk 6. It's a single server with 1 data input configured (syslog UDP port 514). I'm receiving the messages from my firewalls fine and I can run manual searches on the logs. I'm trying out the Cisco Security Suite. Pretty much every time I try to use it either the map doesn't show any overlays or I get the following error.</P> <BLOCKQUOTE> <P>Traceback (most recent call last):<BR /><BR /> File "C:\Program<BR /> Files\Splunk\etc\apps\maps\appserver\modules\GoogleMaps\GoogleMaps.py",<BR /> line 53, in generateResults<BR /> for result in getattr(job, entity_name)[offset:end]: File<BR /> "C:\Program<BR /> Files\Splunk\Python-2.7\Lib\site-packages\splunk\search_<EM>init</EM><EM>.py",<BR /> line 1332, in __getitem</EM>_<BR /> self.job.pushValidation() File "C:\Program<BR /> Files\Splunk\Python-2.7\Lib\site-packages\splunk\search_<EM>init</EM>_.py",<BR /> line 637, in pushValidation<BR /> raise splunk.SearchException, fatality SearchException: Error in<BR /> 'script': Getinfo probe failed for<BR /> external search command 'geoip'</P> </BLOCKQUOTE> <P>I ran a test to isolate the issue by just running a manual search with geoip on the src_ip and it worked perfectly without an errors so I know that geoip is working. What could be causing these errors with the Cisco Security Suite and the map?</P> Mon, 28 Sep 2020 15:15:47 GMT https://community.splunk.com/t5/Getting-Data-In/Cisco-Security-map-errors/m-p/139350#M28653 adrianp 2020-09-28T15:15:47Z https://community.splunk.com/t5/Getting-Data-In/Cisco-Security-map-errors/m-p/139351#M28654 <P>Did you get an answer to this question? I am running a single server with a data input from a local Mysql database. I get the following error message when I run the search query. However, the error is not consistent. In other words, I get the error only about 50% of the time with the same search query.</P> <P>Search query: <BR /> host="XXXX" sourcetype="dbmon:kv" | geoip source_ip</P> <P>Error:<BR /> Traceback (most recent call last):<BR /> File "C:\Program Files\Splunk\etc\apps\maps\appserver\modules\GoogleMaps\GoogleMaps.py", line 53, in generateResults<BR /> for result in getattr(job, entity_name)[offset:end]:<BR /> File "C:\Program Files\Splunk\Python-2.7\Lib\site-packages\splunk\search_<EM>init</EM><EM>.py", line 1332, in __getitem</EM>_<BR /> self.job.pushValidation()<BR /> File "C:\Program Files\Splunk\Python-2.7\Lib\site-packages\splunk\search_<EM>init</EM>_.py", line 637, in pushValidation<BR /> raise splunk.SearchException, fatality<BR /> SearchException: Error in 'script': Getinfo probe failed for external search command 'geoip'</P> Mon, 28 Sep 2020 15:31:43 GMT https://community.splunk.com/t5/Getting-Data-In/Cisco-Security-map-errors/m-p/139351#M28654 nswondem 2020-09-28T15:31:43Z https://community.splunk.com/t5/Getting-Data-In/Cisco-Security-map-errors/m-p/139352#M28655 <P>Nope, I've just moved on from Splunk and I'm currently looking at Elasticsearch.</P> Tue, 31 Dec 2013 02:50:32 GMT https://community.splunk.com/t5/Getting-Data-In/Cisco-Security-map-errors/m-p/139352#M28655 adrianp 2013-12-31T02:50:32Z