All Apps and Add-ons
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
- Find Answers
- :
- Apps & Add-ons
- :
- All Apps and Add-ons
- :
- Security Essentials CIM Compliance Check error
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Security Essentials CIM Compliance Check error
BrendanCO
Path Finder
02-22-2021
12:23 PM
Hello. I've recently installed Security Essentials within my Spunk instance that is receiving Palo Alto, Cisco switch and Active Directory log files. I can see all the data just fine in each respective app. Each of their data models is accelerated.
I've installed the CIM, accelerated the relevant data models, set up Security Essentials and then go to the CIM Compliance Check and I get the following error:
Error in 'sseidenrichment' command: External search command exited unexpectedly with non-zero error code 1
Thoughts?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
_joe
Contributor
03-17-2021
08:58 AM
This ended up being a big within the app, resolved in Version 3.3.1
March 10, 2021
This is a small release with the following bugs fixed:
- Local search mapping mapped to wrong field when using Create New from Content Introspection
- Fixed a bug where the update would fail based on the data returned
- Modified the links to remediate a potential tabnabbing vulnerability
- Removed the Highcharts library
- Fixed a bug with the sseidenrichment command (Only affects Splunk 8.1)
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
_joe
Contributor
03-08-2021
10:56 AM
I am having a similar issue with any search using the sseidenrichment command. I wanted to additionally comment that, for me at least, this issue started when we upgraded from Splunk 8.0 to 8.1.2. I have not been able to identify a root cause yet. Is anyone else noticing a correlation between this issue and Splunk version 8.1?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
BrendanCO
Path Finder
03-08-2021
11:14 AM
I know that there is a Python 3 upgrade we need to be sure we've addressed:
https://docs.splunk.com/Documentation/Splunk/latest/Python3Migration/AboutMigration
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Suirand1
Explorer
03-02-2021
03:52 AM
Get Updates on the Splunk Community!
Splunk App Dev Community Updates – What’s New and What’s Next
Welcome to your go-to roundup of everything happening in the Splunk App Dev Community! Whether you're building ...
The Latest Cisco Integrations With Splunk Platform!
Join us for an exciting tech talk where we’ll explore the latest integrations in Cisco + Splunk! We’ve ...
Enterprise Security Content Update (ESCU) | New Releases
In April, the Splunk Threat Research Team had 2 releases of new security content via the Enterprise Security ...
