Solved: Cloudtrail aws-cloudtrail.py error

atanasoffa · ‎04-30-2014

Hello:

I am trying to ingest Cloudtrail data into Splunk App for AWS. When i look at the internal logs for this script, I get the following errors regarding the run() method in the script:

ERROR ExecProcessor - message from "python /apps/splunk/etc/apps/SplunkAppforAWS/bin/aws-cloudtrail.py" KeyError: 'Message'
ERROR ExecProcessor - message from "python /apps/splunk/etc/apps/SplunkAppforAWS/bin/aws-cloudtrail.py" message = json.loads(envelope["Message"])
ERROR ExecProcessor - message from "python /apps/splunk/etc/apps/SplunkAppforAWS/bin/aws-cloudtrail.py" File "/apps/splunk/etc/apps/SplunkAppforAWS/bin/aws-cloudtrail.py", line 205, in run

Has anyone remediated this already?

Thanks in advance.

grinabms · ‎05-05-2014

BTW, I checked my old splunkd.log files, and that's exactly the error message I was getting. The fix in the other thread solved my problem.

-Pete

View solution in original post

grinabms · ‎05-05-2014

BTW, I checked my old splunkd.log files, and that's exactly the error message I was getting. The fix in the other thread solved my problem.

-Pete

Cloudtrail aws-cloudtrail.py error

Developer Spotlight with Paul Stout

State of Splunk Careers 2024: Maximizing Career Outcomes and the Continued Value of ...

Data-Driven Success: Splunk & Financial Services