All Apps and Add-ons

Splunk Add-on for Cisco Identity Services: Why is the python script pxgremediate.py returning a "Permission denied" error

kartik13
Communicator

Hi,

I am configuring the Splunk Add-on for Cisco Identity Services. When I Quarantine the IP address, it should invoke the python (pxgremediate.py) script, but after that, it's showing me an error as:

External search command 'pxgremediate' returned error code 1. Script output = "ERROR [Errno 13] Permission denied" 

All sort of permissions have been granted to the the script. Also when i am trying in my local, it's giving me invalid or corrupt jar.

0 Karma
1 Solution

jcoates_splunk
Splunk Employee
Splunk Employee

Hi, there was a corrupt jar in 2.1.1 -- 2.1.2 fixes it.

View solution in original post

jcoates_splunk
Splunk Employee
Splunk Employee

Hi, there was a corrupt jar in 2.1.1 -- 2.1.2 fixes it.

kartik13
Communicator

I checked the pxgremediate.log file . I found the issue

Exception Detail: [Errno 13] Permission denied
Traceback: Traceback (most recent call last):
File "/apps/splunk/etc/apps/Splunk_TA_cisco-ise/bin/pxgremediate.py", line 131, in pxgremediate
java_result = subprocess.Popen(java_cmd, stderr=subprocess.STDOUT, stdout=subprocess.PIPE)
File "/apps/splunk/lib/python2.7/subprocess.py", line 711, in __init__
errread, errwrite)
File "/apps/splunk/lib/python2.7/subprocess.py", line 1308, in _execute_child
raise child_exception
OSError: [Errno 13] Permission denied

0 Karma

kartik13
Communicator

Not sure even but still figuring it out .

When python invokes the pxgremediate.py script it requires the executable java class which requires the java installed in the machine . My problem is permission to java is not there .

0 Karma
Get Updates on the Splunk Community!

Stay Connected: Your Guide to July and August Tech Talks, Office Hours, and Webinars!

Dive into our sizzling summer lineup for July and August Community Office Hours and Tech Talks. Scroll down to ...

Edge Processor Scaling, Energy & Manufacturing Use Cases, and More New Articles on ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Get More Out of Your Security Practice With a SIEM

Get More Out of Your Security Practice With a SIEMWednesday, July 31, 2024  |  11AM PT / 2PM ETREGISTER ...