All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk Add-on for Unix and Linux sshdChecker.sh script error.

esalesapns2
Path Finder
‎11-27-2018 10:32 AM

On standalone Search Head running Linux from AWS Splunk AMI 2018-09-28, Splunk Enterprise v7.2.0, Add-on v6.0.1, sshdChecker.sh is returning non-zero causing hundreds of console "Messages". If I run the script as user "splunk" from the apps/Splunk_TA_nix/ directory, it returns "bin/sshdChecker.sh: line 98: /bin/openssl: No such file or directory". I think this is because SPLUNK_HOME is not set because it sets the execute string to "$SPLUNK_HOME/bin/openssl". I can get it to work if I add "export SPLUNK_HOME=/opt/splunk" directly inside the script. Is this a bug, or did I miss a configuration setting somewhere? Also, how does one generally pass environment variables to scripted inputs?

Reply

esalesapns2
Path Finder
‎12-12-2018 01:01 PM

I turns out that this happens if I do what they had me do dozens of times in Splunk training: run ".../bin/splunk restart" as user "splunk" from the command line. If you do this the Splunk environment variables don't get set and exported. Run "service splunk restart" instead, and the environment that things depend upon will be in place.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Observability Cloud | Customer Survey!

If you use Splunk Observability Cloud, we invite you to share your valuable insights with us through a brief ...

Happy CX Day, Splunk Community!

Happy CX Day, Splunk Community! CX stands for Customer Experience, and today, October 3rd, is CX Day — a ...

.conf23 | Get Your Cybersecurity Defense Analyst Certification in Vegas

We’re excited to announce a new Splunk certification exam being released at .conf23! If you’re going to Las ...