Join the Conversation
- Find Answers
- :
- Apps & Add-ons
- :
- All Apps and Add-ons
- :
- All Apps and Add-ons
- :
- QualysGuard causing errors at startup
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
QualysGuard causing errors at startup
I've tried installing the QualysGuard app in Splunk 4.3.1 and 4.3.2 and I keep getting syntax errors such as the following at startup:
Error while parsing '/opt/splunk/etc/apps/QualysGuard/default/data/ui/views/PaxHeader/vuln_kb.xml':
syntax error: line 1, column 0
Error while parsing '/opt/splunk/etc/apps/QualysGuard/default/data/ui/views/PaxHeader/overview.xml':
syntax error: line 1, column 0
All of the PaxHeader XML files look something like this:
17 uid=223919950
20 ctime=1330543946
20 atime=1330543946
24 SCHILY.dev=234881026
23 SCHILY.ino=18306079
18 SCHILY.nlink=1
What do I need to do to get rid of those errors messages?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You can just delete all the PaxHeader folders in the QualysGuard app folder ($SPLUNK_HOME/etc/apps/QualysGuard). These folders are not used by Splunk, and once you delete them, the error message should disappear. I assume you are running on Windows? If yes, then you have to edit inputs.conf ($SPLUNK_HOME/etc/apps/QualysGuard/default/inputs.conf) to use the Windows settings, and edit config.ini to use your username and password for QualysGuard API server.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
i do not have any PaxHeader folder beside; appserver, bin, default, local, log,and metadata. your thoughts?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
i download and installed "Sideview Utils" and its not a bad idea to restart your splunk service for the change effect. This work for me both in Chrome and IE. Goodluck
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
sadly not and still trying to get it working 🙂 if you have any lead please share. thank you
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Does Splunk for QualysGuard work for you? I have Sideview Utils 1.3.5 installed and it still does not work.
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Announcing Modern Navigation: A New Era of Splunk User Experience
Modernize your Splunk Apps – Introducing Python 3.13 in Splunk
Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...
