All Apps and Add-ons

Splunk App for NetApp Data ONTAP: After upgrade from 6.3.x to 6.4.0, why am I unable to connect to NetApp 7mode filer with error "_SSL: UNSUPPORTED_PROTOCOL"?

abechank
Engager

I am trying to connect to a 7mode Netapp filer, but I am having issues. The error I found using the search index=_internal (source=*ontap* OR source=*hydra*) ERROR gives the log line:

2016-05-20 11:19:57,444 ERROR _TAOntapConfService] __validate_ontap_server] Could not interact with ontap on host=somehost.com,       error: _OntapClient] Client Side Code Error 13001: _SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:603)

I'm at a loss trying to understand where the error is given this message. This error and issue only started coming up recently when we moved our test server from 6.3.* to 6.4. Prior to the upgrade, this connection was working. What can I do to resolve this error?

0 Karma
1 Solution

jkat54
SplunkTrust
SplunkTrust

looks like the ontap_server url is not supporting HTTPS.

Please check your ontap configuration file and insure that your ontap_server address is correct. Maybe try opening the URL in your browser to see if the ontap is indeed supporting HTTPS or not.

View solution in original post

jkat54
SplunkTrust
SplunkTrust

looks like the ontap_server url is not supporting HTTPS.

Please check your ontap configuration file and insure that your ontap_server address is correct. Maybe try opening the URL in your browser to see if the ontap is indeed supporting HTTPS or not.

abechank
Engager

Thanks! This comment led us to eventually trying to configure a couple things differently on the ontap side. It looks like Splunk requires that the connection be TLS. If it isn't then this log error gets produced. So our fix was to make sure TLS was enabled on the ontap side.

If you'd like, please take this comment + yours and make it an answer. I can then mark this answered.

lee_melvin
Path Finder

We had the same issue upgrading from 6.2 to 6.4; a bunch of our filers dropped out of data collection.

To put a little extra detail on it, for 7-mode at least, this means setting

options httpd.admin.ssl.enable on
options tls.enable on

jkat54
SplunkTrust
SplunkTrust

done. Thanks for coming back and reporting the results, etc!

0 Karma
Get Updates on the Splunk Community!

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...