All Apps and Add-ons

500 Internal Server Error with EMC Isilon Add-on for Splunk Enterprise. What user account and group configuration is required?

Splunk Employee
Splunk Employee

Hi,

The Isilon account configured within the Isilon TA was generating a “..403 …Forbidden..” error and since adding the account to the audit:admin group, it's now erroring with "500 Internal Server Error".

Please can you advise what user account and group configuration is required within the Isilon config?

Thank you.

0 Karma

New Member

Hello Folks,

Good day!

We are in similar situation. The account with above privileges able to pull the audit logs from Isilon? Please confirm.

Must appreciated your help. Thanks

0 Karma

Path Finder

This is what we currently have configured for our user:

Privileges                  Read/write access 
ISI_PRIV_LOGIN_CONSOLE      N/A 
ISI_PRIV_LOGIN_PAPI             N/A 
ISI_PRIV_LOGIN_SSH          N/A 
ISI_PRIV_ANTIVIRUS          Read-only 
ISI_PRIV_AUDIT              Read-only 
ISI_PRIV_CLUSTER            Read-only 
ISI_PRIV_DEVICES                Read-only 
ISI_PRIV_EVENT              Read-only 
ISI_PRIV_FTP                    Read-only 
ISI_PRIV_HDFS               Read-only 
ISI_PRIV_HTTP               Read-only 
ISI_PRIV_ISCSI              Read-only 
ISI_PRIV_JOB_ENGINE             Read-only 
ISI_PRIV_LICENSE                Read-only 
SI_PRIV_NDMP                Read-only 
ISI_PRIV_NETWORK            Read-only 
ISI_PRIV_NFS                    Read-only 
ISI_PRIV_NTP                Read-only 
ISI_PRIV_QUOTA              Read-only 
ISI_PRIV_REMOTE_SUPPORT     Read-only 
ISI_PRIV_SMARTPOOLS         Read-only 
ISI_PRIV_SMB                Read-only 
ISI_PRIV_SNAPSHOT           Read-only 
ISI_PRIV_STATISTICS             Read-only 
ISI_PRIV_SYNCIQ                 Read-only 
ISI_PRIV_VCENTER            Read-only 
ISI_PRIV_WORM               Read-only 
0 Karma