All Apps and Add-ons

Splunk_TA_cisco-ips handshake failure

Path Finder


After upgrading my cisco ips from 7.1(6)E4 to 7.1(10)E4 I get these error messages from in Splunk_TA_cisco-ips add-on.

Traceback (most recent call last):
  File "/opt/splunk/etc/apps/Splunk_TA_cisco-ips/bin/", line 295, in <module>
  File "/opt/splunk/etc/apps/Splunk_TA_cisco-ips/bin/", line 116, in run
  File "/opt/splunk/etc/apps/Splunk_TA_cisco-ips/bin/pysdee/", line 187, in open
  File "/opt/splunk/etc/apps/Splunk_TA_cisco-ips/bin/pysdee/", line 163, in _request
    data = urllib2.urlopen(req)
  File "/opt/splunk/lib/python2.7/", line 127, in urlopen
    return, data, timeout)
  File "/opt/splunk/lib/python2.7/", line 404, in open
    response = self._open(req, data)
  File "/opt/splunk/lib/python2.7/", line 422, in _open
    '_open', req)
  File "/opt/splunk/lib/python2.7/", line 382, in _call_chain
    result = func(*args)
  File "/opt/splunk/lib/python2.7/", line 1222, in https_open
    return self.do_open(httplib.HTTPSConnection, req)
  File "/opt/splunk/lib/python2.7/", line 1184, in do_open
    raise URLError(err)
urllib2.URLError: <urlopen error [Errno 1] _ssl.c:527: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure>

Upgrading ips addon to 2.1.2 to 2.1.4 don't resolve connection problem to my IPS. The credential are OK, using curl with --insecure mode i gen get over the handshake. Splunk was restarted, machine was restarted. Any idea how can i resolve this?

0 Karma
1 Solution

Splunk Employee
Splunk Employee
0 Karma
Get Updates on the Splunk Community!

Detecting Remote Code Executions With the Splunk Threat Research Team

WATCH NOWRemote code execution (RCE) vulnerabilities pose a significant risk to organizations. If exploited, ...

Enter the Splunk Community Dashboard Challenge for Your Chance to Win!

The Splunk Community Dashboard Challenge is underway! This is your chance to showcase your skills in creating ...

.conf24 | Session Scheduler is Live!!

.conf24 is happening June 11 - 14 in Las Vegas, and we are thrilled to announce that the conference catalog ...