All Apps and Add-ons

Issue with Splunk Infrastructure Monitoring Add-On: SSL: TLSV1_ALERT_INTERNAL_ERROR


I configured the Splunk Infrastructure Monitoring add-on with Splunk Observability Cloud in order to receive infrastructure metrics from Splunk Observability. The connection was successful, as confirmed by the Add-On's Connection Status test: sim_ta_infra_1.png

However, when I try to search for any data using the sim flow command, I receive the following error:

Error in "sim" command: Error executing SignalFlow program. error_msg=[SSL: TLSV1_ALERT_INTERNAL_ERROR] tlsv1 alert internal error (_ssl.c:1106)". 

sim_ta_infra_2.pngQuery used to test:


| sim flow query="data('cpu.utilization', filter=filter('host', '*') and (not filter('cloud.provider', '*')) and (not filter('AWSUniqueId', '*')) and (not filter('gcp_id', '*')) and (not filter('azure_resource_id', '*')) and (not filter('kubernetes_node', '*')), extrapolation='last_value', maxExtrapolations=2).mean(by=['host']).count().publish()"


I have done this kind of configuration several times, but I have never incurred in such an error. I even used the same query on another configuration to cross-check, and it's working fine.

Could it be a connection issue? Perhaps the search head is blocking some outside connection? Or is my environment using a different SSL package? Nevertheless, something seems to be preventing data from coming in.

Additionally sharing type+version of the OS instance:


And OpenSSL version:


Does anyone have any suggestions, tips, ideas?



Labels (3)
Get Updates on the Splunk Community!

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We are happy to announce the 20 lucky questers who are selected to be the first round of Champion's Tribute ...

We’ve Got Education Validation!

Are you feeling it? All the career-boosting benefits of up-skilling with Splunk? It’s not just a feeling, it's ...

What’s New in Splunk Cloud Platform 9.1.2308?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2308! Analysts can ...