All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk Add-on for Cisco IPS: Why am I unable to connect to IPS with "HTTP Error 401: Unauthorized"?

khagan
Path Finder
‎09-16-2015 08:07 AM

I'm using the Splunk Add-On for Cisco IPS to pull data from a number of IPS machines, but it seems like none of them are able to hold a connection, and I'm not getting any logs from them. Looking at Splunk's internal logs, it shows that Splunk connects successfully, but then immediately following every connection is an HTTP Error 401: Unauthorized...

Wed Sep 16 15:53:56 2015 - INFO - Attempting to connect to sensor: xx.xx.xx.14
Wed Sep 16 15:53:56 2015 - INFO - Successfully connected to: xx.xx.xx.14
Wed Sep 16 15:54:01 2015 - ERROR - Connecting to sensor - xx.xx.xx.14: Traceback (most recent call last):   File "C:\Program Files\Splunk\etc\apps\Splunk_TA_cisco-ips\bin\get_ips_feed.py", line 99, in run     sdee.open()   File "C:\Program Files\Splunk\etc\apps\Splunk_TA_cisco-ips\bin\pysdee\pySDEE.py", line 187, in open     self._request(params)   File "C:\Program Files\Splunk\etc\apps\Splunk_TA_cisco-ips\bin\pysdee\pySDEE.py", line 163, in _request     data = urllib2.urlopen(req)   File "C:\Program Files\Splunk\Python-2.7\Lib\urllib2.py", line 127, in urlopen     return _opener.open(url, data, timeout)   File "C:\Program Files\Splunk\Python-2.7\Lib\urllib2.py", line 410, in open     response = meth(req, response)   File "C:\Program Files\Splunk\Python-2.7\Lib\urllib2.py", line 523, in http_response     'http', request, response, code, msg, hdrs)   File "C:\Program Files\Splunk\Python-2.7\Lib\urllib2.py", line 448, in error     return self._call_chain(*args)   File "C:\Program Files\Splunk\Python-2.7\Lib\urllib2.py", line 382, in _call_chain     result = func(*args)   File "C:\Program Files\Splunk\Python-2.7\Lib\urllib2.py", line 531, in http_error_default     raise HTTPError(req.get_full_url(), code, msg, hdrs, fp) HTTPError: HTTP Error 401: Unauthorized

Does anyone know what might be causing this problem?

0 Karma
Reply

bmas10
Explorer
‎10-24-2016 10:16 AM

I ended up hard-coding the credentials into the python because Splunk was munging them.

0 Karma
Reply

chrishartsock
Path Finder
‎10-24-2016 08:22 AM

I am receiving this error as well. Was a conclusion ever reached?

0 Karma
Reply

jcoates_splunk
Splunk Employee
Splunk Employee
‎09-19-2015 01:10 PM

I agree that it's connecting to the sensor... that looks to me like it's then timing out on the next step. I'd increase Splunk's timeout period in web.conf.

0 Karma
Reply

bmas10
Explorer
‎06-11-2016 11:02 AM

I'm assuming the timeout was no the answer. OP, did you get this to work?

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...