All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

SolarWinds Add-on for Splunk: Help with installation

cboillot
Contributor
‎09-08-2017 08:35 AM

I am unable to get this to work. Who else has gotten this to work and what was the trick?

0 Karma
Reply

aromanauskas
Path Finder
‎10-02-2017 12:39 PM

I could be wrong but I believe that this search should have been:

index="_internal" error solarwinds

0 Karma
Reply

ehaddad_splunk
Splunk Employee
Splunk Employee
‎09-08-2017 05:11 PM

what error do you get when you run
index=internal error solarwinds

0 Karma
Reply

cboillot
Contributor
‎09-11-2017 10:47 AM

No results found.

0 Karma
Reply

lfedak_splunk
Splunk Employee
Splunk Employee
‎09-08-2017 09:16 AM

Hey@ @cboillot, Can you describe some of the steps you already took to try to install this add-on, or if you're getting any error messages, etc.?

0 Karma
Reply

ehaddad_splunk
Splunk Employee
Splunk Employee
‎09-08-2017 10:45 AM

index=_internal error solarwinds
what error do you get you type this?

0 Karma
Reply

cboillot
Contributor
‎09-11-2017 10:50 AM

This is from this morning:

2017-09-11 17:46:56,344 +0000
log_level=ERROR, pid=2236,
tid=Thread-4, file=engine.py,
func_name=_send_request,
code_line_no=325 |
[stanza_name="Alerts"] The response
status=403 for request which
url=https://sdnetmon01.ads.state.mo.us:17778/SolarWinds/InformationService/v3/Json/Query?query=SELECT+Ev...
00:00:00.00' and method=GET.

0 Karma
Reply

cboillot
Contributor
‎09-08-2017 10:55 AM

there is what stands out:

09-07-2017 15:00:51.682 -0500 WARN
HttpListener - Socket error from
127.0.0.1 while accessing /servicesNS/nobody/Splunk_TA_SolarWinds/Splunk_TA_SolarWinds_settings/logging:
Winsock error 10054

and

2017-09-07 19:25:11,006 +0000
log_level=ERROR, pid=3540,
tid=Thread-4, file=engine.py,
func_name=_send_request,
code_line_no=302 |
[stanza_name="NodeInventory"]
HTTPError reason=HTTP Error Unable to
find the server at http when sending
request to
url=https://http://oriontest.state.mo.us:17778/SolarWinds/InformationService/v3/Json/Query?query=SELECT
NodeID, ObjectSubType, IPAddress,
IPAddressType, DynamicIP, Caption,
NodeDescription, Description, DNS,
SysName, Vendor, SysObjectID,
Location, Contact, VendorIcon, Icon,
Status, StatusLED, StatusDescription,
CustomStatus, IOSImage, IOSVersion,
GroupStatus, StatusIcon, lastBoot,
SystemUpTime, ResponseTime,
PercentLoss, AvgResponseTime,
MinResponseTime, MaxResponseTime,
CPULoad, MemoryUsed, MemoryAvailable,
PercentMemoryUsed,
PercentMemoryAvailable, LastSync,
LastSystemUpTimePollUtc, IsServer,
Severity, UiSeverity, ChildStatus,
Allow64BitCounters, AgentPort,
TotalMemory, CMTS,
CustomPollerLastStatisticsPollSuccess,
SNMPVersion, PollInterval, EngineId,
RediscoveryInterval, NextPoll,
NextRediscovery, StatCollection,
External, Community, RWCommunity, IP,
IP_Address, IPAddressGUID, NodeName,
BlockUntil, OrionIdPrefix,
OrionIdColumn, SkippedPollingCycles,
MinutesSinceLastSync, EntityType,
DetailsUrl, DisplayName, Category,
IsOrionServer, UnManaged,
UnManageFrom, UnManageUntil, Image,
StatusIconHint FROM Orion.Nodes
method=GET

Since we do not have HTTPS configured property on the test server yet, I pointed to our production environment. after that last message. Nothing from today.

0 Karma
Reply

cboillot
Contributor
‎09-08-2017 09:41 AM

I did everything under Installation & Configuration with the exception of configuring a proxy, as we don't use one. I have the FQDN for our primary poller as the SolwarWinds Server. I just don't see any data.

I am not seeing any error messages. Maybe I am looking in the wrong place?

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey

Can’t make it to .conf25? Join us online!

Watch Global Broadcast
Get Updates on the Splunk Community!

Can’t Make It to Boston? Stream .conf25 and Learn with Haya Husain

Boston may be buzzing this September with Splunk University and .conf25, but you don’t have to pack a bag to ...

Splunk Lantern’s Guide to The Most Popular .conf25 Sessions

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Unlock What’s Next: The Splunk Cloud Platform at .conf25

In just a few days, Boston will be buzzing as the Splunk team and thousands of community members come together ...