All Apps and Add-ons

Palo Alto Networks App for Splunk 5.0: Why does the "pancontentpack" command returned error "ImportError: No module named xmltodict"?

swong2
Path Finder

I installed the latest Palo Alto Networks App for Splunk (v5.0) and tried to run the "pancontentpack" script/command to update the applications and threat signatures (app_list.csv & threat_list.csv).

I tried the following search commands, but got the "ImportError: No module named xmltodict" error in search.log

| pancontentpack  apps
| pancontentpack  threats

search.log

02-02-2016 21:14:26.028 ERROR ScriptRunner - stderr from '/opt/splunk/bin/python /opt/splunk/etc/apps/SplunkforPaloAltoNetworks/bin/panContentPack.py  threats':  Traceback (most recent call last):
02-02-2016 21:14:26.028 ERROR ScriptRunner - stderr from '/opt/splunk/bin/python /opt/splunk/etc/apps/SplunkforPaloAltoNetworks/bin/panContentPack.py  threats':    File "/opt/splunk/etc/apps/SplunkforPaloAltoNetworks/bin/panContentPack.py", line 54, in 
02-02-2016 21:14:26.028 ERROR ScriptRunner - stderr from '/opt/splunk/bin/python /opt/splunk/etc/apps/SplunkforPaloAltoNetworks/bin/panContentPack.py  threats':      import xmltodict
02-02-2016 21:14:26.028 ERROR ScriptRunner - stderr from '/opt/splunk/bin/python /opt/splunk/etc/apps/SplunkforPaloAltoNetworks/bin/panContentPack.py  threats':  ImportError: No module named xmltodict
02-02-2016 21:14:26.039 ERROR script - sid:1454447665.852 External search command 'pancontentpack' returned error code 1. 

Any ideas on how to fix it?

0 Karma

panguy
Contributor

This issue is resolved in version 6.0.0 of the App.

0 Karma

avinashd16
New Member

Helllo, Is this issue resolved. Even i am also getting the same error when i am trying to run the saved search to update the metadata.I am using the splunk version 7.0.

0 Karma

btorresgil
Builder

Hello, can you tell me what version of Splunk you are using? Thanks!

0 Karma

swong2
Path Finder

Splunk Enterprise 6.3.0

0 Karma

btorresgil
Builder

We found an error and are fixing it, but I don't think it's the same error you're seeing. Can you tell me exactly what version of the App and PAN-OS you are using? Thanks!

0 Karma

swong2
Path Finder

It was a old post from last year and was fixed. I have a new problem posted at https://answers.splunk.com/answers/581041/palo-alto-networks-app-for-splunk-531-pancontentpa.html. Thanks!

0 Karma
Get Updates on the Splunk Community!

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud  In today’s fast-paced digital ...

Observability protocols to know about

Observability protocols define the specifications or formats for collecting, encoding, transporting, and ...

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...