Re: Resolving Error when using VirusTotal TA?

jhilton90 · ‎06-21-2023

I have installed and setup the VirusTotal TA with basic configuration i.e. API key and Max Batch Size just to test things.

However when I try to run the following command

index=advanced_hunting category="AdvancedHunting-UrlClickEvents" properties.UrlChain=*
| virustotal domain=properties.UrlChain

I get the following error

Error in 'virustotal' command: External search command exited unexpectedly with non-zero error code 1.

Streamed search execute failed because: Error in 'virustotal' command: External search command exited unexpectedly with non-zero error code 1.

I'm scrolling through Google but nothing is helping at the moment.

Was wondering if anyone else has experienced the same issue

vikas_gopal · ‎11-27-2023

Hi There ,

Are you able to resolve this issue ? if yes please post your workaround as I am also facing same issue .

jhilton90 · ‎11-27-2023

Unfortunately not no

vikas_gopal · ‎11-27-2023

sure thank you , I am trying to reach out to the addon creator and trying few things here . Will update here in case I come with something

vikas_gopal · ‎11-28-2023

Issue has been resolved after we provide admin permission to all the respective knowledge objects of this addon , like saved searches , lookups . I do not see this error any more

Resolving Error when using VirusTotal TA?

configuration

installation

troubleshooting

New Year. New Skills. New Course Releases from Splunk Education

Splunk and TLS: It doesn't have to be too hard

Faster Insights with AI, Streamlined Cloud-Native Operations, and More New Lantern ...

Join the Conversation