Hi
I can't seem to get the modular inputs for OMS to work - I'm not receiving any data.
I've made the update for the bug for the new version of the query language.
I'm getting the following error.
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" Traceback (most recent call last):
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" File "/opt/splunk/etc/apps/TA-OMS_Inputs/bin/ta_oms_inputs/modinput_wrapper/base_modinput.py", line 127, in stream_events
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" self.collect_events(ew)
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" File "/opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py", line 96, in collect_events
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" input_module.collect_events(self, ew)
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" File "/opt/splunk/etc/apps/TA-OMS_Inputs/bin/input_module_oms_inputs.py", line 51, in collect_events
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" token_response = context.acquire_token_with_client_credentials('https://management.core.windows.net/', application_id, application_key)
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" File "/opt/splunk/etc/apps/TA-OMS_Inputs/bin/adal/authentication_context.py", line 160, in acquire_token_with_client_credentials
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" return self._acquire_token(token_func)
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" File "/opt/splunk/etc/apps/TA-OMS_Inputs/bin/adal/authentication_context.py", line 109, in _acquire_token
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" return token_func(self)
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" File "/opt/splunk/etc/apps/TA-OMS_Inputs/bin/adal/authentication_context.py", line 158, in token_func
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" return token_request.get_token_with_client_credentials(client_secret)
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" File "/opt/splunk/etc/apps/TA-OMS_Inputs/bin/adal/token_request.py", line 316, in get_token_with_client_credentials
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" token = self._oauth_get_token(oauth_parameters)
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" File "/opt/splunk/etc/apps/TA-OMS_Inputs/bin/adal/token_request.py", line 113, in _oauth_get_token
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" return client.get_token(oauth_parameters)
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" File "/opt/splunk/etc/apps/TA-OMS_Inputs/bin/adal/oauth2_client.py", line 262, in get_token
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" verify=self._call_context.get('verify_ssl', None))
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" File "/opt/splunk/etc/apps/TA-OMS_Inputs/bin/ta_oms_inputs/requests/api.py", line 110, in post
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" return request('post', url, data=data, json=json, **kwargs)
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" File "/opt/splunk/etc/apps/TA-OMS_Inputs/bin/ta_oms_inputs/requests/api.py", line 56, in request
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" return session.request(method=method, url=url, **kwargs)
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" File "/opt/splunk/etc/apps/TA-OMS_Inputs/bin/ta_oms_inputs/requests/sessions.py", line 488, in request
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" resp = self.send(prep, **send_kwargs)
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" File "/opt/splunk/etc/apps/TA-OMS_Inputs/bin/ta_oms_inputs/requests/sessions.py", line 609, in send
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" r = adapter.send(request, **kwargs)
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" File "/opt/splunk/etc/apps/TA-OMS_Inputs/bin/ta_oms_inputs/requests/adapters.py", line 487, in send
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" raise ConnectionError(e, request=request)
07-26-2018 12:03:17.948 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" ConnectionError: HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /7007305e-2664-4e6b-b9a4-c4d5ccfd1524/oauth2/token?api-version=1.0 (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 110] Connection timed out',))
07-26-2018 12:03:17.975 +0800 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/TA-OMS_Inputs/bin/oms_inputs.py" ERRORHTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with url: /7007305e-2664-4e6b-b9a4-c4d5ccfd1524/oauth2/token?api-version=1.0 (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 110] Connection timed out',))
07-26-2018 12:03:18.814 +0800 ERROR ClusteringMgr - VerifyMultisiteConfig failed Error=failed method=GET path=/services/cluster/master/info/?output_mode=json master=10.xxx.xxx.xxx:8089 rv=0 gotConnectionError=1 gotUnexpectedStatusCode=0 actual_response_code=502 expected_response_code=2xx status_line="Error connecting: Connection refused" socket_error="Connection refused" remote_error=
They’ve deprecated the API this app uses. I hope to release a fix soon.
Thanks!
@robtun Did you fixed the bug and able to receive OMS data?
Did you see your error related to your cluster master? Need any help with that?
Hi,
Please find below link has more info.
https://answers.splunk.com/answers/655954/why-am-i-unable-to-configure-microsoft-oms-modular.html
They’ve deprecated the API this app uses. I hope to release a fix soon.
Thanks!