Splunk Add-on for Unix and Linux sshdChecker.sh sc...

esalesapns2 · ‎11-27-2018

On standalone Search Head running Linux from AWS Splunk AMI 2018-09-28, Splunk Enterprise v7.2.0, Add-on v6.0.1, sshdChecker.sh is returning non-zero causing hundreds of console "Messages". If I run the script as user "splunk" from the apps/Splunk_TA_nix/ directory, it returns "bin/sshdChecker.sh: line 98: /bin/openssl: No such file or directory". I think this is because SPLUNK_HOME is not set because it sets the execute string to "$SPLUNK_HOME/bin/openssl". I can get it to work if I add "export SPLUNK_HOME=/opt/splunk" directly inside the script. Is this a bug, or did I miss a configuration setting somewhere? Also, how does one generally pass environment variables to scripted inputs?

esalesapns2 · ‎12-12-2018

I turns out that this happens if I do what they had me do dozens of times in Splunk training: run ".../bin/splunk restart" as user "splunk" from the command line. If you do this the Splunk environment variables don't get set and exported. Run "service splunk restart" instead, and the environment that things depend upon will be in place.

Splunk Add-on for Unix and Linux sshdChecker.sh script error.

[Puzzles] Solve, Learn, Repeat: Unmerging HTML Tables

Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...

AI for AppInspect

Join the Conversation

Splunk Add-on for Unix and Linux sshdChecker.sh script error.

[Puzzles] Solve, Learn, Repeat: Unmerging HTML Tables

Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...

AI for AppInspect