All Apps and Add-ons

Cisco eStreamer for Splunk: After running the app's setup, why am I getting "status="ERROR: The app has not yet been setup""?

jeffriesa
Path Finder

I have installed the Cisco eStreamer for Splunk app, but after running the setup, the estreamer isn't running?

So when i run ./client_check.py i get the following error:

 status_id=-1 status="ERROR: The app has not yet been setup."

I am running redhat and all the perl modules are installed. The app is configured with the Certificate path and filename and the Defense Center IP address.

When i run ./estreamer_client.pl i do get the following which shows that the modules are installed:

Usage:  estreamer_client.pl [options]
Options:
        [-c]onfig=<config filename>
        [-l]ogfile=<log filename>
        [-t]est
        [-d]aemon

There are no debug logs, any ideas?

0 Karma
1 Solution

jeffriesa
Path Finder

So after looking at this for a while i looked in client_check.py.

There are the following fields that i found:

Set base path based on OS

if (platform == 'Windows'):
import win32api
splunk_path = os.getenv('SPLUNK_HOME', 'C:\Program Files\Splunk\')
splunk_path = win32api.GetShortPathName(splunk_path)
else:
splunk_path = os.getenv('SPLUNK_HOME', '/opt/splunk')

Out splunk deployment is not in /opt/splunk so i changed it to /apps/splunk.

Then when i ran ./client_check.py and got it running!
event_sec=1427362392 status_id=1 status="eStreamer client is running."

View solution in original post

jeffriesa
Path Finder

So after looking at this for a while i looked in client_check.py.

There are the following fields that i found:

Set base path based on OS

if (platform == 'Windows'):
import win32api
splunk_path = os.getenv('SPLUNK_HOME', 'C:\Program Files\Splunk\')
splunk_path = win32api.GetShortPathName(splunk_path)
else:
splunk_path = os.getenv('SPLUNK_HOME', '/opt/splunk')

Out splunk deployment is not in /opt/splunk so i changed it to /apps/splunk.

Then when i ran ./client_check.py and got it running!
event_sec=1427362392 status_id=1 status="eStreamer client is running."

Get Updates on the Splunk Community!

Stay Connected: Your Guide to July and August Tech Talks, Office Hours, and Webinars!

Dive into our sizzling summer lineup for July and August Community Office Hours and Tech Talks. Scroll down to ...

Edge Processor Scaling, Energy & Manufacturing Use Cases, and More New Articles on ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Get More Out of Your Security Practice With a SIEM

Get More Out of Your Security Practice With a SIEMWednesday, July 31, 2024  |  11AM PT / 2PM ETREGISTER ...