All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Splunk Add-on for Akamai: Why am I not getting an data when I implement TA_Akamai_SIEM integration?

anzianojackson
Engager
‎03-07-2018 10:09 AM

I've been trying to figure this out for a bit now. I've installed the TA_Akamai_SIEM_1.2.0 to ingest Akamai Kona WAF logs. I have tested the REST API via command line to pull SIEM data, but when I trying to implement it with the Splunk Add-on, no data comes back.

Error Message from UI: 

Unable to initialize modular input "TA-Akamai_SIEM" defined inside the app "TA-Akamai_SIEM": Introspecting scheme=TA-Akamai_SIEM: script running failed (exited with code 127).

I'm running this on a 6.5.3 forwarder.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

cpetterborg
SplunkTrust
SplunkTrust
‎03-07-2018 01:06 PM

This is probably caused by java not being installed on the server.

View solution in original post

Reply
Solved! Jump to solution

end_es
Observer
‎04-24-2025 02:04 AM

is anyone know how to disable this input?

0 Karma
Reply
Solved! Jump to solution

cpetterborg
SplunkTrust
SplunkTrust
‎04-24-2025 08:00 AM

Where is the input defined? You should be able to disable it where it is defined.

If you have access to the command line on the machine, do:

splunk btool inputs list --debug | fgrep "<the input name>"

 Where the input is defined, you can go to the config file and delete the input, or disable it.

0 Karma
Reply
Solved! Jump to solution
Solution

cpetterborg
SplunkTrust
SplunkTrust
‎03-07-2018 01:06 PM

This is probably caused by java not being installed on the server.

Reply
Solved! Jump to solution

Karthikeya
Communicator
‎03-04-2025 07:21 AM

@cpetterborg can you please help me how to install Java on our Splunk instance? 

 

0 Karma
Reply
Solved! Jump to solution

cpetterborg
SplunkTrust
SplunkTrust
‎03-04-2025 11:32 AM

It is highly reliant on what your servers are like, but here is a google search that might help you to install Java on various systems for Splunk:

https://www.google.com/search?q=site%3Asplunk.com+install+java&sca_esv=2e83ef3dd22d1d30&sxsrf=AHTn8z...

0 Karma
Reply
Solved! Jump to solution

anzianojackson
Engager
‎03-07-2018 02:31 PM

I heart you so much!

0 Karma
Reply
Solved! Jump to solution

iamarkaprabha
Contributor
‎10-03-2018 10:36 PM

Hi ,

Yes cpetterborg is correct. I had faced the same issue while integrating Akamai and splunk. The main issue is Java path. The shell script was not able to execute the jar due to java path issue

0 Karma
Reply
Solved! Jump to solution

adri2915
Observer
‎08-02-2021 03:46 PM

Hello, please, you could say, how resolve this problem? what do you actions you applicated? 

Thank you

0 Karma
Reply
Get Updates on the Splunk Community!

Building Reliable Asset and Identity Frameworks in Splunk ES

 Accurate asset and identity resolution is the backbone of security operations. Without it, alerts are ...

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

For Splunk Cloud customers, understanding and optimizing Splunk Virtual Compute (SVC) usage and resource ...

Automatic Discovery Part 3: Practical Use Cases

If you’ve enabled Automatic Discovery in your install of the Splunk Distribution of the OpenTelemetry ...