Re: How to fix the Splunk mint connection refused ...

ppanchal · ‎11-03-2017

I am getting the below error after configuring the splunk mint addon,

ERROR [mi_cds.py] Exception performing HTTP request: HTTPSConnectionPool(host='wm.cds.splkmobile.com', port=443): Max retries exceeded with url: /api/v1/events (Caused by ProxyError('Cannot connect to proxy.', error(111, 'Connection refused')))

How to fix this? Please help.

parthiv · ‎11-07-2017

Hi,

I was facing the same issue. After so much trial and error we found that this issue is related to proxy address.

The proxy address should be in http://10.10.1.10:3128 or https://user:pass@10.10.1.10:3128 format.

And when you do not add the port number or you add the wrong port number you will face Caused by ProxyError('Cannot connect to proxy.', error(111, 'Connection refused'))) error.

Thanks

ppanchal · ‎11-09-2017

What should be the user:pass and IP address in the proxy address? Also, after fixing this, are you able to see the logs now?

harsmarvania57 · ‎11-06-2017

Hi @ppanchal,

Have you checked conenctivity between you server on which mint add-on is installed and wm.cds.splkmobile.com on port 443 ?

Looks like connectivity issue.

ppanchal · ‎11-06-2017

The connectivity issue seems to be solved by itself.

But now below are the 3 messages I see in the logs continuously,

06/11/2017
13:27:18.349

2017-11-06 13:27:18,349 DEBUG [connectionpool.py] "PUT /api/v2/events HTTP/1.1" 304 0

2017-11-06 13:27:18,112 INFO [connectionpool.py] Starting new HTTPS connection (1): data.cds.splkmobile.com

13:27:13.101

2017-11-06 13:27:13,101 INFO [mi_cds.py] Modular input [mi_cds://default] in progress: phase=fetch ms=231.79 KB=0.000

Can you please assist?

harsmarvania57 · ‎11-07-2017

Mint Add-on will fetch data periodically from Splunk Mint Cloud and during every run you will able to find below entries in $SPLUNK_HOME/var/log/splunk/mint.log

    2017-11-07 09:02:47,680 DEBUG [connectionpool.py] "PUT /api/v2/events HTTP/1.1" 200 7832
    2017-11-07 09:02:47,686 INFO [mi_cds.py] Modular input [mi_cds://default] in progress: phase=fetch ms=784.29 KB=7.648
    2017-11-07 09:02:47,687 INFO [mi_cds.py] Modular input [mi_cds://default] in progress: phase=process ms=1.69 KB=67.337 ev=106

Can you please provide cds_url parameter value from $SPLUNK_HOME/etc/apps/Splunk_TA_mint/local/inputs.conf ?

ppanchal · ‎11-07-2017

Mine is https://data.cds.splkmobile.com/api/v2/events, still I do not see any logs for index=mint

parthiv · ‎11-07-2017

Hi,

my cds_url = https://wm.cds.splkmobile.com

harsmarvania57 · ‎11-07-2017

Strange, the one I am using has cds_url = https://data.cds.splkmobile.com/api/v2/events but anyway both refers to same IP. Which version of Mint Add-on are you using, maybe it's due to different version.

parthiv · ‎11-07-2017

Hi,

I got the following error in the mint.log

2017-11-07 10:08:10,774 INFO [connectionpool.py] Starting new HTTPS connection (1): data.cds.splkmobile.com

2017-11-07 10:08:12,048 DEBUG [connectionpool.py] "PUT /api/v2/events HTTP/1.1" 304 0
2017-11-07 10:08:12,051 INFO [mi_cds.py] Modular input [mi_cds://default] in progress: phase=fetch ms=1278.82 KB=0.000

parthiv · ‎11-07-2017

And we are using the latest version of mint add on.

harsmarvania57 · ‎11-07-2017

These are INFO logs, are you not getting any data in mint index in your splunk enterprise? Do you have any data in Mint Management console (https://mint.splunk.com/) ?

ppanchal · ‎11-07-2017

I have data in mint management console but still nothing in splunk. Please assist.

parthiv · ‎11-07-2017

Hi @ppanchal

How did you resolve the connectivity issue?
Can you please provide the step as I am facing the same issue.

Thanks

How to fix the Splunk mint connection refused error?

Routing logs with Splunk OTel Collector for Kubernetes

Welcome to the Splunk Community!

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM