All Apps and Add-ons

Cisco eStreamer for Splunk: After running the app's setup, why am I getting "status="ERROR: The app has not yet been setup""?

jeffriesa
Path Finder

I have installed the Cisco eStreamer for Splunk app, but after running the setup, the estreamer isn't running?

So when i run ./client_check.py i get the following error:

 status_id=-1 status="ERROR: The app has not yet been setup."

I am running redhat and all the perl modules are installed. The app is configured with the Certificate path and filename and the Defense Center IP address.

When i run ./estreamer_client.pl i do get the following which shows that the modules are installed:

Usage:  estreamer_client.pl [options]
Options:
        [-c]onfig=<config filename>
        [-l]ogfile=<log filename>
        [-t]est
        [-d]aemon

There are no debug logs, any ideas?

0 Karma
1 Solution

jeffriesa
Path Finder

So after looking at this for a while i looked in client_check.py.

There are the following fields that i found:

Set base path based on OS

if (platform == 'Windows'):
import win32api
splunk_path = os.getenv('SPLUNK_HOME', 'C:\Program Files\Splunk\')
splunk_path = win32api.GetShortPathName(splunk_path)
else:
splunk_path = os.getenv('SPLUNK_HOME', '/opt/splunk')

Out splunk deployment is not in /opt/splunk so i changed it to /apps/splunk.

Then when i ran ./client_check.py and got it running!
event_sec=1427362392 status_id=1 status="eStreamer client is running."

View solution in original post

jeffriesa
Path Finder

So after looking at this for a while i looked in client_check.py.

There are the following fields that i found:

Set base path based on OS

if (platform == 'Windows'):
import win32api
splunk_path = os.getenv('SPLUNK_HOME', 'C:\Program Files\Splunk\')
splunk_path = win32api.GetShortPathName(splunk_path)
else:
splunk_path = os.getenv('SPLUNK_HOME', '/opt/splunk')

Out splunk deployment is not in /opt/splunk so i changed it to /apps/splunk.

Then when i ran ./client_check.py and got it running!
event_sec=1427362392 status_id=1 status="eStreamer client is running."

View solution in original post

Did you miss .conf21 Virtual?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!