Solved: Splunk Add-on for Akamai: Why am I not getting an ...

anzianojackson · ‎03-07-2018

I've been trying to figure this out for a bit now. I've installed the TA_Akamai_SIEM_1.2.0 to ingest Akamai Kona WAF logs. I have tested the REST API via command line to pull SIEM data, but when I trying to implement it with the Splunk Add-on, no data comes back.

Error Message from UI:

Unable to initialize modular input "TA-Akamai_SIEM" defined inside the app "TA-Akamai_SIEM": Introspecting scheme=TA-Akamai_SIEM: script running failed (exited with code 127).

I'm running this on a 6.5.3 forwarder.

cpetterborg · ‎03-07-2018

This is probably caused by java not being installed on the server.

View solution in original post

cpetterborg · ‎03-07-2018

This is probably caused by java not being installed on the server.

anzianojackson · ‎03-07-2018

I heart you so much!

iamarkaprabha · ‎10-03-2018

Hi ,

Yes cpetterborg is correct. I had faced the same issue while integrating Akamai and splunk. The main issue is Java path. The shell script was not able to execute the jar due to java path issue

adri2915 · ‎08-02-2021

Hello, please, you could say, how resolve this problem? what do you actions you applicated?

Thank you

Splunk Add-on for Akamai: Why am I not getting an data when I implement TA_Akamai_SIEM integration?

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?