All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Process to get required modules & Net/SSLeay.pm for Cisco eStreamer for Splunk app?

jwelsh_splunk
Splunk Employee
Splunk Employee
‎08-07-2014 05:46 PM

Don't have a lot of experience with Perl, wanted to make sure I'm following the right process to get the eStreamer app working.

I used CPAN to get the following modules:

Getopt::Long (Getopt-Long-2.42)
Socket (Socket-2.014)
IO::Socket::SSL (IO-Socket-SSL-1.997)
NetAddr::IP (NetAddr-IP-4.075)
Storable (Storable-2.51)

Is this the proper process?

  1. Put the modules in $SPLUNK_HOME/etc/apps/eStreamer/bin/lib - (assume this is the right directory to put these modules?)
  2. For each module I run: 'perl Makefile.PL' 'make' 'make install'
  3. Re-run $SPLUNK_HOME/etc/apps/eStreamer/bin/estreamer_client.pl
  4. Add additional modules from CPAN based on errors that appear from previous step until no more errors occur.

Is this correct?

Also, I followed this procedure and received the following error:

"Can't locate Net/SSLeay.pm in @INC"

I then added Net-SSLeay-1.65 module (with steps above) but received several errors during 'make'. Any suggestion of how to get around this?

Thanks in advance.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

jwelsh_splunk
Splunk Employee
Splunk Employee
‎08-08-2014 01:17 PM

Turns out modules can be added to the system's libraries, not the eStreamer's local lib dir. Easiest method depends on your Linux OS. (Used this as a reference: unix.stackexchange.com/questions/118725/trouble-installing-apt-on-centos-6-64-bit)

Let say the Net/SSLeay.pm is required.

For Debian based distros use dpkg and APT. Process (commands) would be something like the following:

apt-cache search perl | grep -i Net*SSL*
--Find the library name with Net*SSL in it, copy it, then
apt-get install [perl-lib, pasted from previous step]

*Note your commands may need to be run within your /usr/local/bin, /usr/local/lib, or directory that has your systems perl modules.

For Red Hat based distros use rpm and yum as follows:

yum list perl-Net*SSL
--Find the library name with Net*SSL* in it, copy it, then
yum install [perl-lib found, pasted from previous step]

As the official instructions state (apps.splunk.com/app/1629/) repeat this process for each required library by running $SPLUNK_HOME/etc/apps/eStreamer/bin/estreamer_client.pl until you see something like the following:

[root@localhost bin]# pwd
/opt/splunk/etc/apps/eStreamer/bin
[root@localhost bin]# ./estreamer_client.pl
Usage: estreamer_client.pl [options]
Options:
[-c]onfig=
[-l]ogfile=
[-t]est
[-d]aemon

Hope this helps.

View solution in original post

Reply
Solved! Jump to solution
Solution

jwelsh_splunk
Splunk Employee
Splunk Employee
‎08-08-2014 01:17 PM

Turns out modules can be added to the system's libraries, not the eStreamer's local lib dir. Easiest method depends on your Linux OS. (Used this as a reference: unix.stackexchange.com/questions/118725/trouble-installing-apt-on-centos-6-64-bit)

Let say the Net/SSLeay.pm is required.

For Debian based distros use dpkg and APT. Process (commands) would be something like the following:

apt-cache search perl | grep -i Net*SSL*
--Find the library name with Net*SSL in it, copy it, then
apt-get install [perl-lib, pasted from previous step]

*Note your commands may need to be run within your /usr/local/bin, /usr/local/lib, or directory that has your systems perl modules.

For Red Hat based distros use rpm and yum as follows:

yum list perl-Net*SSL
--Find the library name with Net*SSL* in it, copy it, then
yum install [perl-lib found, pasted from previous step]

As the official instructions state (apps.splunk.com/app/1629/) repeat this process for each required library by running $SPLUNK_HOME/etc/apps/eStreamer/bin/estreamer_client.pl until you see something like the following:

[root@localhost bin]# pwd
/opt/splunk/etc/apps/eStreamer/bin
[root@localhost bin]# ./estreamer_client.pl
Usage: estreamer_client.pl [options]
Options:
[-c]onfig=
[-l]ogfile=
[-t]est
[-d]aemon

Hope this helps.

Reply
Solved! Jump to solution

mwoya
New Member
‎09-12-2015 01:46 AM

thanks, your tips work.

this was the modules that i need to install :

/usr/local/lib# apt-cache search perl | grep -i NetAddr
sudo apt-get install libnetaddr-ip-perl

/usr/local/lib$ apt-cache search perl | grep -i Net.*SSL
sudo apt-get install libnet-ssleay-perl

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...