All Apps and Add-ons

Possible Connection Issues regarding WebLogic server as a client to the Splunk SDK for java

syusjk6
Engager

Hi, are there any trouble-shooting issues along with answers or comments regarding connection of WebLogic server to Splunk SDK for Java.

For your information, the Splunk head uses HTTPS and Weblogic is connecting as a client to the Splunk head.
The Splunk heads SSL certificate has been trusted by the Weblogic client.

Here are some excerpts from error messages:

java.lang.RuntimeException: java.lang.RuntimeException: next() may not be called when XMLStreamReader is at END_DOCUMENT* at com.splunk.Entity.refresh(Entity.java:373)
at com.splunk.Entity.refresh(Entity.java:1)
at com.splunk.Resource.validate(Resource.java:183)
at com.splunk.Entity.validate(Entity.java:449)
at com.splunk.Entity.getContent(Entity.java:159)
at com.splunk.Entity.getString(Entity.java:277)
at com.splunk.ServiceInfo.getVersion(ServiceInfo.java:151)
at com.splunk.Service.login(Service.java:964)
at com.splunk.Service.connect(Service.java:155)
at com...util.SplunkUtil.connect(SplunkUtil.java:38)
at com..
.util.splunk.SplunkSSUtil.delete(SplunkSSUtil.java:181)
at com...sp.SpSecDao.delete(SpSecDao.java:80)
at com..
.sp.SpSecService.delete(SpSecService.java:71)
at com...sp.SpSecService$$FastClassByCGLIB$$2259ba9c.invoke()
at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:149)*
(..........omitted.......)
at **weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
**
(..........omitted.......)
**at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
at
* org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:60)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3738)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3704)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2281)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2180)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1491)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
*
(..........omitted.......)

**20130110-140615 DEBUG [Slf4jImpl.debug:47] ooo Using Connection [weblogic.jdbc.wrapper.PoolConnection_oracle_jdbc_driver_T4CConnection@8607]
20130110-140615 DEBUG [Slf4jImpl.debug:47] ==> Preparing: update seevnt set edit_cd = 'INACTIVE' , mod_user_id = ? , mod_date = sysdate where 1=1 and evt_id = ?
20130110-140615 DEBUG [Slf4jImpl.debug:47] ==> Parameters: admin(String), 48(Integer)
20130110-140615 INFO [ExecuteTimeInterceptor.postHandle:48] [POST] /
/secIntruPolicy/secIntruPolicyInactive.do, executeTime=113ms**

0 Karma

ywu
Splunk Employee
Splunk Employee

From the call stack, the login request itself was successful, however, response processing of a later request failed.

Running an http trace to see that later request and response seems to be a good first step.

0 Karma

ywu
Splunk Employee
Splunk Employee

Have you resolved the issue? Were you asking how to get http trace?

0 Karma

syusjk6
Engager

So, basically what you're saying is to debug the trace...?
Any other details?

0 Karma
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...