All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Can't get createdist to work

xavierashe
Contributor
‎12-24-2018 08:43 AM

This app look to have a lot of promise and I am looking forward to using it. I threw it on my DMC to test it, installing it via the web. Bounced Splunk and ran the following command:

| createdist 3.7.2

Here's the error I got back:

External search command 'createdist' returned error code 1. Script output = "messages checking build system type... x86_64-pc-linux-gnu checking host system type... x86_64-pc-linux-gnu checking for python3.7... no checking for python3... no checking for python... python checking for --enable-universalsdk... no checking for --with-universal-archs... no checking MACHDEP... checking for --without-gcc... no checking for --with-icc... no checking for gcc... no checking for cc... no checking for cl.exe... no "

How can I troubleshoot this? I'm running Splunk 6.6.1 on Red Hat Enterprise Linux Server release 6.6

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

badarsebard
Communicator
‎12-24-2018 09:23 AM

As the owner and developer of the PyDen app I first want to say thanks for checking it out! The app is still in the very early stages of development and I'm continuing to improve and test as fast as I can. Based on your post I have a couple of points you should know.

  1. The app has only been tested on Ubuntu and Splunk version 7.2 so far.
  2. PyDen is split into two different Splunk apps: PyDen and PyDen Manager. The PyDen Manager (PDM) app is what will download and compile Python versions that will be added to the PyDen app. The PyDen app, once prepped by PDM, will be deployed out to your production search heads and those virtual environments will be usable by your custom Python scripts.

While there is a version difference on your server, I can't think of anything about the Splunk versions that would cause an issue, so for troubleshooting I'd suggest you try the following:

  1. Verify you have both the PyDen and PyDen Manager app.
  2. Verify that your DMC server has all the needed libraries to compile Python. For RedHat I'd look into yum-builddep python.
  3. Verify you can connect to www.python.org/ftp/python as it is where the Python source code is downloaded from.
  4. Additionally, the createdist command uses a keyword argument for the version so try the following: | createdist version=3.7.2

You can visit the project for the latest information at github.com/badarsebard/pyden-suite and report issue there. Additionally, I'm available to answers questions directly through the Splunk User Groups slack @badarsebard.

View solution in original post

Reply
Solved! Jump to solution

clarecao
Engager
‎04-30-2020 11:36 AM

Found the error when inspect job and search log:
04-30-2020 13:45:59.271 ERROR ScriptRunner - stderr from '/opt/splunk/bin/python2.7 /opt/splunk/etc/apps/pyden-manager/bin/create_dist.py version=3.7.7': Traceback (most recent call last):
04-30-2020 13:45:59.271 ERROR ScriptRunner - stderr from '/opt/splunk/bin/python2.7 /opt/splunk/etc/apps/pyden-manager/bin/create_dist.py version=3.7.7': File "/opt/splunk/etc/apps/pyden-manager/bin/create_dist.py", line 204, in
04-30-2020 13:45:59.271 ERROR ScriptRunner - stderr from '/opt/splunk/bin/python2.7 /opt/splunk/etc/apps/pyden-manager/bin/create_dist.py version=3.7.7': build_dist(dist_version, download_arg)
04-30-2020 13:45:59.271 ERROR ScriptRunner - stderr from '/opt/splunk/bin/python2.7 /opt/splunk/etc/apps/pyden-manager/bin/create_dist.py version=3.7.7': File "/opt/splunk/etc/apps/pyden-manager/bin/create_dist.py", line 88, in build_dist
04-30-2020 13:45:59.271 ERROR ScriptRunner - stderr from '/opt/splunk/bin/python2.7 /opt/splunk/etc/apps/pyden-manager/bin/create_dist.py version=3.7.7': del os.environ['PYTHONPATH']
04-30-2020 13:45:59.271 ERROR ScriptRunner - stderr from '/opt/splunk/bin/python2.7 /opt/splunk/etc/apps/pyden-manager/bin/create_dist.py version=3.7.7': File "/opt/splunk/lib/python2.7/os.py", line 498, in delitem
04-30-2020 13:45:59.271 ERROR ScriptRunner - stderr from '/opt/splunk/bin/python2.7 /opt/splunk/etc/apps/pyden-manager/bin/create_dist.py version=3.7.7': del self.data[key]
04-30-2020 13:45:59.271 ERROR ScriptRunner - stderr from '/opt/splunk/bin/python2.7 /opt/splunk/etc/apps/pyden-manager/bin/create_dist.py version=3.7.7': KeyError: 'PYTHONPATH'
04-30-2020 13:45:59.303 ERROR script - sid:1588268752.16252 External search command 'createdist' returned error code 1. .

0 Karma
Reply
Solved! Jump to solution

clarecao
Engager
‎04-29-2020 07:52 PM

I have two splunk instances, one is splunk-7.3.1 on RHEL 7.5., second one is splunk-8.0.0 on RHEL 7.4.
1). On both servers, i have built Cpython from source no issue and no issue in using pipenv creating user python virtual environment. That means all the libs are installed and available.
2.) I setup the same proxy/non_proxy entries in splunk.launch.conf file so they can connect to the internet.
3.) I used both green button and run the createdist command on both splunk instance as admin.
4.) Here is where i get lost:
A: On the first splunk instance, pyden-manager can download/build cpython dist and i can see them in pyden dir: # ls /opt/splunk/etc/apps/pyden/local/lib/dist/3.8.2/bin
2to3-3.8 easy_install-3.8 idle3.8 pip pip3 pip3.8 pydoc3.8 python3.8 python3.8-config
B: On second splunk, it will appeared to download/build, but it does not. And i can tell it has run into a issue since the createdist take too short to finish. It only create a empty dir:
]# ls -l /opt/splunk/etc/apps/pyden/local/lib/dist
total 0
drwx--x---. 2 root root 6 Apr 29 22:21 3.7.7
drwxr-xr-x. 2 splunk splunk 6 Apr 29 22:12 3.8.2
The error message does not really tell me anything:
| createdist version=3.7.7
External search command 'createdist' returned error code 1. .
5:) I have since then delete pyden-manager and pyden apps, restart splunk, reinstalled the two apps. I also check the splunk_home location, ownder and permissions etc. Still no idea what is wrong.
6.) is there a log that can give me some clue? How do i trouble shooting the issue?
Please help.
Clare

0 Karma
Reply
Solved! Jump to solution

badarsebard
Communicator
‎04-29-2020 08:33 PM

PyDen is not compatible with Splunk 8.0. Please feel free to open an issue on the GitHub for the repo and if there is sufficient interest I'll look into upgrading it. With the direction Splunk is moving however, the issues PyDen resolves are limited to using non standard libraries which is a very narrow use case most of the time.

0 Karma
Reply
Solved! Jump to solution
Solution

badarsebard
Communicator
‎12-24-2018 09:23 AM

As the owner and developer of the PyDen app I first want to say thanks for checking it out! The app is still in the very early stages of development and I'm continuing to improve and test as fast as I can. Based on your post I have a couple of points you should know.

  1. The app has only been tested on Ubuntu and Splunk version 7.2 so far.
  2. PyDen is split into two different Splunk apps: PyDen and PyDen Manager. The PyDen Manager (PDM) app is what will download and compile Python versions that will be added to the PyDen app. The PyDen app, once prepped by PDM, will be deployed out to your production search heads and those virtual environments will be usable by your custom Python scripts.

While there is a version difference on your server, I can't think of anything about the Splunk versions that would cause an issue, so for troubleshooting I'd suggest you try the following:

  1. Verify you have both the PyDen and PyDen Manager app.
  2. Verify that your DMC server has all the needed libraries to compile Python. For RedHat I'd look into yum-builddep python.
  3. Verify you can connect to www.python.org/ftp/python as it is where the Python source code is downloaded from.
  4. Additionally, the createdist command uses a keyword argument for the version so try the following: | createdist version=3.7.2

You can visit the project for the latest information at github.com/badarsebard/pyden-suite and report issue there. Additionally, I'm available to answers questions directly through the Splunk User Groups slack @badarsebard.

Reply
Solved! Jump to solution

xavierashe
Contributor
‎12-24-2018 10:05 AM

Thanks for the quick reply.
1. I didn't have them both. I do now.
2. The server I'm on doesn't have the Satellite configured properly, so yum isn't working right.
3. This works
4. Thanks for the reminder. It's been I while since I used custom commands. Might want to make that clearer in your README.

Well, I need to find a Linux admin to fix my yum issues. Googling around it looks like I need to run "yum install @development" to get the prereqs.

0 Karma
Reply
Solved! Jump to solution

badarsebard
Communicator
‎12-24-2018 11:02 AM

Great, let me know how it turns out. I'm looking to improve the documentation in the next release so I'll incorporate your feedback and add some more explicit examples and tutorials.

0 Karma
Reply
Get Updates on the Splunk Community!

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...