I am trying to integrate Splunk with ServiceNow. I have uploaded the ServiceNow app/Add-on in Splunk. Splunk Enterprise is running in the Linux Red hat version 6.5 and the ServiceNow URL is accessed through a proxy server. I am able to access the ServiceNow URL, however, while configuring the setup, I am getting this error message:
“Encountered the following error while trying to update: In handler 'localapps': Error while posting to URL=/servicesNS/nobody/Splunk_TA_snow/service_now_setup/snow_proxy/snow_proxy”
Splunk Application Details:
Splunk Enterprise Version: 6.2.6
Splunk-App for service-now Version: 3
Splunk –Add-on for Service-now Version: 2.6.1
Service-Now version: Fuji
Mozilla Firefox: V17
Has anyone encountered a similar error? What is the best possible solution to address this?
We were having the same problem with the following updated applications and add-on.
Splunk Application Details:
- Splunk Enterprise Version: 6.3.1
- Splunk-App for service-now Version: 4.0.0
- Splunk–Add-on for Service-now Version: 2.7.0
We were just using our proxy FQDN, i.e... "proxy.company.com" and it kept failing.
Inside the SplunkTAsnow/local/servicenow.conf file, the proxy variable name is "proxyurl".
As soon as we entered "http://proxy.company.com" it saved successfully without errors.
Potentially Splunk could do some input validation in an updated release.
I filed a bug, but since there's no support ticket, it's on the slow track. I'm also pretty sure that the kind of live validation you're looking for isn't possible from the technology used in that setup screen, so it'll have to wait for a re-architecture. I'd be happy to be wrong.
Are you also able to add to the bug ticket that the TA adds about 8 different "snow_" indexes, however the app defaults to "main". We set ours up to use "index = snow" as default, to make it eaiser / logical.
I'm facing the same issue in my servicenow instance. getting this error in both my splunk windows and Linux instance. Can you please help me in to resolve this issue.
@Hemnaath , @jcoates : I am facing exactly same issue while my ServiceNow instance doesn't even use proxy setup. I have tried all the steps mentioned above . Kindly let me know a workaround for this .
Thanks jcoates, I am having admin privilege for both Splunk/Linux Machine. when I tried to find out the path mentioned in the above error "/servicesNS/nobody/SplunkTAsnow/servicenowsetup/snowproxy/snowproxy” I could not find them under Splunk folder.
kindly let me where we can find this path and is this causing an issue.
that's a REST endpoint.
$ find splunk/etc/apps/Splunk_TA_snow/ -name *.conf | xargs grep snow_proxy splunk/etc/apps/Splunk_TA_snow/default/restmap.conf:members = snow_account,snow_proxy,snow_data_collection splunk/etc/apps/Splunk_TA_snow/default/restmap.conf:[admin_external:snow_proxy] splunk/etc/apps/Splunk_TA_snow/default/service_now.conf:[snow_proxy]
Thanks jcoates, I am able to get this information in my splunk server, but I am not sure what I need to check in this files. Since I am unable to do the Service-now setup configuration I could see all the files are with default setting in default folder. Do I need to do manual configuration by editing all above mentioned conf files from default setting and copy the file to local folder path? splunk/etc/apps/splunkTAsnow /local/ *.conf .
Meanwhile I have taken this log file from Splunkdaccess.log & Servicenow_setup.log file attached. From the log what I could understand there is a problem in user name/password. Kindly let me know if you can help me on this.
e=json HTTP/1.1" 200 1504 - - - 1ms
127.0.0.1 - - [12/Oct/2015:12:35:51.306 +0530] "GET /services/server/info?outputmod e=json HTTP/1.1" 200 1504 - - - 1ms
127.0.0.1 - - [12/Oct/2015:12:35:56.306 +0530] "GET /services/server/info?outputmod e=json HTTP/1.1" 200 1504 - - - 1ms
127.0.0.1 - splunk-system-user [12/Oct/2015:12:35:56.761 +0530] "GET /servicesNS/-/- /configs/conf-servicenow/reload HTTP/1.0" 200 1858 - - - 10ms
127.0.0.1 - splunk-system-user [12/Oct/2015:12:35:56.780 +0530] "GET /servicesNS/nob ody/SplunkTAsnow/configs/conf-servicenow HTTP/1.0" 200 9058 - - - 2ms
127.0.0.1 - splunk-system-user [12/Oct/2015:12:35:56.786 +0530] "GET /servicesNS/nob ody/SplunkTAsnow/storage/passwords/https%5C%3A%252F%252Fprod1cafetest.service-now. com%3Adummy%3A HTTP/1.0" 200 4860 - - - 1ms
127.0.0.1 - splunk-system-user [12/Oct/2015:12:35:56.790 +0530] "GET /servicesNS/nob ody/SplunkTAsnow/storage/passwords/http%5C%3A%252F%252F192.168.20.31%3Adummy%3A HT TP/1.0" 200 4724 - - - 1ms
127.0.0.1 - - [12/Oct/2015:12:36:01.306 +0530] "GET /services/server/info?outputmod e=json HTTP/1.1" 200 1504 - - - 1ms
2015-10-12 12:34:50,337 INFO pid=27273 tid=MainThread file=snowsetup.py:detectrelease:227 | Detect ServiceNow release and verify credentials
2015-10-12 12:34:50,343 INFO pid=27273 tid=MainThread file=snowsetup.py:decryptusernamepassword:217 | decrypting
2015-10-12 12:34:50,348 INFO pid=27273 tid=MainThread file=snowsetup.py:decryptusernamepassword:217 | decrypting
2015-10-12 12:35:06,312 ERROR pid=27273 tid=MainThread file=snowsetup.py:detectrelease:251 | Failed to validate ServiceNow account or detect release info. Please verify credentials, urls for ServiceNow and proxy, and try again. Reason=Traceback (most recent call last):
File "/opt/splunk/etc/apps/SplunkTAsnow/bin/snowsetup.py", line 243, in _detectrelease
confmgr, config, self.appName, False)
File "/opt/splunk/etc/apps/SplunkTAsnow/bin/snowconfig.py", line 126, in fixsnowrelease
fixedrelease = SnowConfig.getsnowrelease(defaults)
File "/opt/splunk/etc/apps/SplunkTAsnow/bin/snowconfig.py", line 188, in getsnowrelease
File "/opt/splunk/etc/apps/SplunkTAsnow/bin/snowconfig.py", line 178, in verifyuserpass
Exception: Failed to verify ServiceNow username and password, reason=Traceback (most recent call last):
File "/opt/splunk/etc/apps/SplunkTAsnow/bin/snowconfig.py", line 173, in verifyuserpass
resp, content = http.request(url)
File "/opt/splunk/etc/apps/SplunkTAsnow/bin/httplib2/init.py", line 1593, in request
(response, content) = self.request(conn, authority, uri, requesturi, method, body, headers, redirections, cachekey)
File "/opt/splunk/etc/apps/SplunkTAsnow/bin/httplib2/init.py", line 1335, in request
(response, content) = self.connrequest(conn, requesturi, method, body, headers)
File "/opt/splunk/etc/apps/SplunkTAsnow/bin/httplib2/init.py", line 1263, in connrequest
raise ServerNotFoundError("Unable to find the server at %s" % conn.host)