All Apps and Add-ons

Qualys Technology Add on Error

manish_singh_77
Builder

Hi @lakshman239

We have installed "Qualys TA" in our HF instance, configured the credentials and data inputs for "fim events" but when we search the events in our search head it doesn't show up.

We get this error message : [idx-123-abc.splunkcloud.com] Search process did not exit cleanly, exit_code=255, description="exited with code 255". Please look in search.log for this peer in the Job Inspector for more info.

0 Karma
1 Solution

manish_singh_77
Builder

Issue got resolved, credentials and api url was not correct. After entering the correct information, it worked.

View solution in original post

0 Karma

manish_singh_77
Builder

Issue got resolved, credentials and api url was not correct. After entering the correct information, it worked.

0 Karma

manish_singh_77
Builder

Issue got resolved, credentials and api url was not correct. After entering the correct information, it worked.

0 Karma

manish_singh_77
Builder

@richgalloway @lakshman239

Do we need to install "Qualys TA Add On" on both HF and SH in the distributed environment?

We would like to see only "FIM Events" in SH.

0 Karma

manish_singh_77
Builder

@richgalloway @lakshman239

I am getting this error message now in the Search Head:

[MainThread] ERROR: Error in connection: [Errno -5] No address associated with hostname . Sleeping for 300 seconds and retrying. Retry count: 3

0 Karma

manish_singh_77
Builder

@richgalloway @lakshman239

Issue got resolved, credentials and api url was not correct. After entering the correct information, it worked.

0 Karma

richgalloway
SplunkTrust
SplunkTrust

What did you find in search.log?

---
If this reply helps you, Karma would be appreciated.
0 Karma

manish_singh_77
Builder

Nothing much

0 Karma

richgalloway
SplunkTrust
SplunkTrust

The app's page on splunkbase has a link for support. I suggest you contact them.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Get Updates on the Splunk Community!

Now Available: Cisco Talos Threat Intelligence Integrations for Splunk Security Cloud ...

At .conf24, we shared that we were in the process of integrating Cisco Talos threat intelligence into Splunk ...

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Easily Improve Agent Saturation with the Splunk Add-on for OpenTelemetry Collector

Agent Saturation What and Whys In application performance monitoring, saturation is defined as the total load ...