All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk Add-on for Java Management Extension: ERROR - Failed to retrieve RMIServer stub

choehser
Explorer
‎08-14-2015 06:57 AM

Even after disabling the Firewalls on the Splunk Server, and on the JMX server (WebSphere Application Server), I get these errors:

2015-08-14 15:48:33,810 - com.splunk.modinput.ModularInput -610084 [Thread-7] ERROR  - Failed to retrieve RMIServer stub: javax.naming.NamingException: Error during resolve [Root exception is org.omg.CORBA.TRANSIENT: initial and forwarded IOR inaccessible  vmcid: IBM  minor code: E07  completed: No]
2015-08-14 15:48:33,852 - org.exolab.castor.mapping.Mapping -610126 [Thread-7] INFO   - Loading mapping descriptors from jar:file:/opt/splunk/etc/apps/Splunk_TA_jmx/bin/lib/jmxmodinput.jar!/mapping.xml
2015-08-14 15:48:33,957 - com.splunk.modinput.ModularInput -610231 [Thread-7] INFO   - 1 servers found in stanza jmx://_Splunk_TA_jmx_:Splunk_TA_jmx:PerformanceMonitoring

Any help is welcome!

Regards Chris

Reply

jenshaizmann
Explorer
‎10-15-2015 10:13 PM

Hello,

I found a solution to get the addon working on a splunk indexer with WAS jmx connection and enabled administrative security.

1. Download IBM SDK
download version 7 from http://www.ibm.com/developerworks/java/jdk/eclipse

2. Set environment variables

JAVA_HOME=D:\ibm_sdk70
SPLUNK_HOME=D:\Splunk

3. copy WAS' trust store to splunk instance
copy trust store to "D:/Splunk/etc/apps/Splunk_TA_jmx/trust.p12"

4. Enhance addon's jmx.py

# Set to True to use the MX4J JMX implementation
# USE_MX4J = True

# Set to True to test SSL
#TEST_SSL = True
TEST_SSL = False

[...]

#BOOTPATH = build_classpath(sep.join([MODINPUT_HOME, 'bin', 'lib', 'boot']), psep)
#if USE_MX4J:
#    BOOTPATH = BOOTPATH + build_classpath(sep.join([MODINPUT_HOME, 'bin', 'lib', 'mx4j_boot']), psep)
#"-Xbootclasspath/p:" + BOOTPATH,

JAVA_ARGS = [JAVA_EXECUTABLE, "-classpath", CLASSPATH,
    #"-Dcom.ibm.CORBA.enableClientCallbacks=true", # unknown property was set while testing
    "-Dcom.ibm.CORBA.ConfigURL=file:D:\\Splunk\\etc\\apps\\Splunk_TA_jmx\\sas.client.props", # required for a secure connection to WAS
    "-Dcom.ibm.SSL.ConfigURL=file:D:\\Splunk\\etc\\apps\\Splunk_TA_jmx\\ssl.client.props", # required for a secure connection to WAS
    #"-Dcom.ibm.CORBA.Debug=true", # enable this to debug
    #"-Dcom.ibm.CORBA.CommTrace=true", # enable this to debug
    #"-Dcom.ibm.CORBA.Debug.Output=D\\Splunk\\etc\\apps\\Splunk_TA_jmx\\corba.log", # enable this to debug
    "-Xms" + MIN_HEAP,
    "-Xmx" + MAX_HEAP, "-Dconfighome=" + CONFIG_HOME,
    "-Dsplunkhome=" + SPLUNK_HOME, JAVA_MAIN_CLASS]
if TEST_SSL:
    TEST_SSL_ARGS = "-Djavax.net.ssl.trustStore=" + SPLUNK_HOME + "/etc/apps/Splunk_TA_jmx/bin/mx4j.ks"
    JAVA_ARGS.insert(-1, TEST_SSL_ARGS)

5. copy sas.client.props from WAS & edit 

com.ibm.CORBA.securityEnabled=true

[...]

com.ibm.CORBA.authenticationTarget=BasicAuth
com.ibm.CORBA.authenticationRetryEnabled=true
com.ibm.CORBA.authenticationRetryCount=3
com.ibm.CORBA.validateBasicAuth=false
com.ibm.CORBA.securityServerHost=
com.ibm.CORBA.securityServerPort=
com.ibm.CORBA.loginTimeout=300
com.ibm.CORBA.loginSource=properties

# RMI/IIOP user identity
com.ibm.CORBA.loginUserid=<admin user>
com.ibm.CORBA.loginPassword=<password>

[...]

# Does this client support stateful sessions?
com.ibm.CSI.performStateful=true

# Does this client support/require BasicAuth (userid/password) client authentication?
com.ibm.CSI.performClientAuthenticationRequired=false
com.ibm.CSI.performClientAuthenticationSupported=true

# Does this client support/require SSL client authentication? 
com.ibm.CSI.performTLClientAuthenticationRequired=false
com.ibm.CSI.performTLClientAuthenticationSupported=false

# Note: You can perform BasicAuth (uid/pw) and SSL client authentication (certificate)
# simultaneously, however, the BasicAuth identity will always take precedence at the server.

# Does this client support/require SSL connections?
com.ibm.CSI.performTransportAssocSSLTLSRequired=true
com.ibm.CSI.performTransportAssocSSLTLSSupported=true

# Does this client support/require 40-bit cipher suites when using SSL?
com.ibm.CSI.performMessageIntegrityRequired=false
com.ibm.CSI.performMessageIntegritySupported=true

# Note: This property is only valid when SSL connections are supported or required.
# Does this client support/require 128-bit cipher suites when using SSL?
com.ibm.CSI.performMessageConfidentialityRequired=false
com.ibm.CSI.performMessageConfidentialitySupported=true

6. copy ssl.client.props from WAS & edit 

# TrustStore information
com.ibm.ssl.trustStoreName=ClientDefaultTrustStore
com.ibm.ssl.trustStore=D:/Splunk/etc/apps/Splunk_TA_jmx/trust.p12
com.ibm.ssl.trustStorePassword=<password>
com.ibm.ssl.trustStoreType=PKCS12
com.ibm.ssl.trustStoreProvider=IBMJCE
com.ibm.ssl.trustStoreFileBased=true
com.ibm.ssl.trustStoreReadOnly=false

7. copy some WAS libs to addon
Copy following files from D:/IBM/WebSphere/AppServer/runtimes (WAS instance) to D:/Splunk/etc/apps/Splunk_TA_jmx/bin/lib (splunk indexer)

com.ibm.ws.admin.client_8.5.0.jar
com.ibm.ws.ejb.thinclient_8.5.0.jar
com.ibm.ws.orb_8.5.0.jar

Regards, Jens

Reply

vu_le
New Member
‎10-15-2015 08:41 PM

Hi,

Just wondering if any one has found a solution to his?

Can't seem to move past this.

0 Karma
Reply

jcoates_splunk
Splunk Employee
Splunk Employee
‎09-26-2015 01:47 PM

I'm wondering if you've followed the WAS directions (http://docs.splunk.com/Documentation/AddOns/latest/IBMWAS/About ), which call for an IIOP connection rather than an RMI connection?

0 Karma
Reply

choehser
Explorer
‎09-28-2015 05:53 AM

I tried to follow the "guide", but not sure if I understood everything the way it was meant, but I tried to...

The URL used, is
service:jmx:iiop://badportal/jndi/corbaname:iiop:badportal:10034/WsnAdminNameService#JMXConnector
this is about what is written as sample in the guide.

I read this as :
jmx over iiop.

Hope it helps to get over this

Thx, Chris

0 Karma
Reply

jenshaizmann
Explorer
‎09-22-2015 02:10 AM

Hello,

I've the same problem. Did you have already found any solution for this?

Regards Jens

0 Karma
Reply

choehser
Explorer
‎09-28-2015 05:41 AM

Hi Jens,

sorry, no helping answer so far 😞
In case I get an answer, or get itz to work somehow, I will let all know, as I thought, that others might stumble at this point as well.

Cheers, Chris

0 Karma
Reply
Get Updates on the Splunk Community!

Prove Your Splunk Prowess at .conf25—No Prereqs Required!

Your Next Big Security Credential: No Prerequisites Needed We know you’ve got the skills, and now, earning the ...

Splunk Observability Cloud's AI Assistant in Action Series: Observability as Code

This is the sixth post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how to ...

Splunk Answers Content Calendar, July Edition I

Hello Community! Welcome to another month of Community Content Calendar series! For the month of July, we will ...
Top