1) We are testing "Rapid7 Nexpose Technology add-on for Splunk" on Splunk v. 6.5.3 and we are in the process of upgrading Splunk to 7.0.# (7.0.0.1) . Is Rapid7 add-on supported in Splunk v. 7?
2) we installed and configured Rapid7 add-on in our DEV env. We are getting data, but there is an error message in TA-rapid7_nexpose.log: "Error sending metrics". What does this error mean?
2017-11-29 10:36:38,248 INFO nx_logger:38 - Retrieving password
2017-11-29 10:36:38,396 INFO nx_logger:38 - Loading Splunk password response
2017-11-29 10:36:38,397 INFO nx_logger:38 - Parsing Splunk password response
2017-11-29 10:36:38,489 INFO nx_logger:38 - Sending statistics data to Nexpose
2017-11-29 10:36:52,129 INFO nx_logger:38 - Retrieving password
2017-11-29 10:36:52,242 INFO nx_logger:38 - Loading Splunk password response
2017-11-29 10:36:52,242 INFO nx_logger:38 - Parsing Splunk password response
2017-11-29 10:36:52,351 INFO nx_logger:38 - Sending statistics data to Nexpose
2017-11-29 10:36:55,736 ERROR nx_logger:32 - Error sending metrics.
2017-11-29 10:36:55,737 INFO nx_logger:38 - Platform is Linux or Mac
.........
Hello,
I've installed rapid7 app. I configured input and connection parameters. It seems to be ok but when I try to open the app splunk returns 404 error.
My log file is the same of @Sahr_Lebbie
Thanks
Hi @mlevsh,
1) We haven't tested against Splunk 7 yet, but expect to test against it soon. Reading the release notes for Splunk 7, I haven't seen anything yet that would be breaking. So it would be a case of testing the app in your local Splunk 7.
2) You can ignore that error, its a health check in the app for Nexpose, but it doesn't affect your data or the app performace.
I'm glad to hear the App is running well for you. Are you testing with Splunk 7 in your DEV env?
Hi Jonathan,
All I seem to see are these events in the TA's logs but no events in Splunk. Do you have any suggestions on testing further? I am on Spunk 7.0.2 and I did notice your comments from the post above.
2018-07-26 18:40:59,029 INFO nx_logger:38 - Saving changes made on configuration screen...
2018-07-26 18:40:59,114 INFO nx_logger:38 - Sucessfully retrieved stored config for Nexpose.
2018-07-26 18:40:59,125 INFO nx_logger:38 - Password retrieved.
2018-07-26 18:40:59,246 INFO nx_logger:38 - Executing nexpose_setup.py
2018-07-26 18:40:59,246 INFO nx_logger:38 - Listing the fields for the set up screen...
2018-07-26 18:40:59,432 INFO nx_logger:38 - Executing nexpose_setup.py
2018-07-26 18:40:59,527 INFO nx_logger:38 - Executing nexpose_setup.py
2018-07-26 18:40:59,528 INFO nx_logger:38 - Listing the fields for the set up screen...
2018-07-26 18:40:59,711 INFO nx_logger:38 - Executing nexpose_setup.py
2018-07-26 18:40:59,807 INFO nx_logger:38 - Executing nexpose_setup.py
2018-07-28 04:00:00,167 INFO nx_logger:38 - Retrieving password
2018-07-28 04:00:00,245 INFO nx_logger:38 - Loading Splunk password response
2018-07-28 04:00:00,245 INFO nx_logger:38 - Parsing Splunk password response
2018-07-28 05:10:00,166 INFO nx_logger:38 - Retrieving password
2018-07-28 05:10:00,240 INFO nx_logger:38 - Loading Splunk password response
2018-07-28 05:10:00,240 INFO nx_logger:38 - Parsing Splunk password response
2018-07-29 04:00:00,170 INFO nx_logger:38 - Retrieving password
2018-07-29 04:00:00,245 INFO nx_logger:38 - Loading Splunk password response
2018-07-29 04:00:00,245 INFO nx_logger:38 - Parsing Splunk password response
2018-07-29 05:10:00,163 INFO nx_logger:38 - Retrieving password
2018-07-29 05:10:00,238 INFO nx_logger:38 - Loading Splunk password response
2018-07-29 05:10:00,238 INFO nx_logger:38 - Parsing Splunk password response
2018-07-30 04:00:00,532 INFO nx_logger:38 - Retrieving password
2018-07-30 04:00:00,680 INFO nx_logger:38 - Loading Splunk password response
2018-07-30 04:00:00,680 INFO nx_logger:38 - Parsing Splunk password response
2018-07-30 05:10:00,477 INFO nx_logger:38 - Retrieving password
2018-07-30 05:10:00,640 INFO nx_logger:38 - Loading Splunk password response
2018-07-30 05:10:00,640 INFO nx_logger:38 - Parsing Splunk password response
2018-07-31 04:00:00,258 INFO nx_logger:38 - Retrieving password
2018-07-31 04:00:00,331 INFO nx_logger:38 - Loading Splunk password response
2018-07-31 04:00:00,332 INFO nx_logger:38 - Parsing Splunk password response
2018-07-31 05:10:00,182 INFO nx_logger:38 - Retrieving password
2018-07-31 05:10:00,257 INFO nx_logger:38 - Loading Splunk password response
2018-07-31 05:10:00,257 INFO nx_logger:38 - Parsing Splunk password response
Hey @jonathan_stewart, I noticed you answered some question about this application before. Do you have any insight on the questions above?