Solved: Cloudtrail aws-cloudtrail.py error

atanasoffa · ‎04-30-2014

Hello:

I am trying to ingest Cloudtrail data into Splunk App for AWS. When i look at the internal logs for this script, I get the following errors regarding the run() method in the script:

ERROR ExecProcessor - message from "python /apps/splunk/etc/apps/SplunkAppforAWS/bin/aws-cloudtrail.py" KeyError: 'Message'
ERROR ExecProcessor - message from "python /apps/splunk/etc/apps/SplunkAppforAWS/bin/aws-cloudtrail.py" message = json.loads(envelope["Message"])
ERROR ExecProcessor - message from "python /apps/splunk/etc/apps/SplunkAppforAWS/bin/aws-cloudtrail.py" File "/apps/splunk/etc/apps/SplunkAppforAWS/bin/aws-cloudtrail.py", line 205, in run

Has anyone remediated this already?

Thanks in advance.

grinabms · ‎05-05-2014

BTW, I checked my old splunkd.log files, and that's exactly the error message I was getting. The fix in the other thread solved my problem.

-Pete

View solution in original post

grinabms · ‎05-05-2014

BTW, I checked my old splunkd.log files, and that's exactly the error message I was getting. The fix in the other thread solved my problem.

-Pete

Cloudtrail aws-cloudtrail.py error

.conf25 technical session recap of Observability for Gen AI: Monitoring LLM ...

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey

Announcing the Migration of the Splunk Add-on for Microsoft Azure Inputs to ...

Join the Conversation

Cloudtrail aws-cloudtrail.py error

.conf25 technical session recap of Observability for Gen AI: Monitoring LLM ...

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey

Announcing the Migration of the Splunk Add-on for Microsoft Azure Inputs to ...