All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

ImportError: No module named splunk.Intersplunk - In ThreatConnect App.

sathiyasun
Explorer
‎07-15-2018 07:42 PM

When I try to run the python script have been getting the below error. Please advice. Also, trying to configure the threatconnect app but not luck if you have any steps please share that one as well. Thanks.

[spladmin@Splunklab bin]$ ./tc_report.py
Traceback (most recent call last):
  File "./tc_report.py", line 11, in 
    import splunk.Intersplunk
ImportError: No module named splunk.Intersplunk

[root@Splunklab ~]# whereis python
python: /usr/bin/python /usr/bin/python2.7 /usr/lib/python2.7 /usr/lib64/python2.7 /etc/python /usr/include/python2.7 /usr/share/man/man1/python.1.gz

[root@Splunklab ~]# yum list python
Loaded plugins: enabled_repos_upload, package_upload, product-id, search-disabled-repos, subscription-manager
Installed Packages
python.x86_64                                                                            2.7.5-68.el7                                                                             @rhel-7-server-rpms
Uploading Enabled Repositories Report
Loaded plugins: product-id, subscription-manager
0 Karma
Reply

acharlieh
Influencer
‎07-15-2018 09:38 PM

I have not dealt with the ThreatConnect app, but their User Guide including setup instructions is available through their site: https://kb.threatconnect.com/customer/portal/articles/2146321--threatconnect-app-for-splunk-enterpri...

I suspect that the python script in question designed to be launched by Splunk / using the built in python that is shipped with Splunk, and is not supposed to be launched using your system python installation. I reach that conclusion through two older answers posts:

First this answer discussing how launching a script directly from the command line is not the same as launching it through Splunk : https://answers.splunk.com/answering/417389/view.html

And then this answer about invoking the python interpreter through Splunk to find out about splunk.Intersplunk from a Splunk installation: https://answers.splunk.com/answering/7910/view.html

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...