Hi.
Has anyone had success with Alexa and Splunk interconnection?
I tried to configure Talk to Splunk with Amazon Alexa v0.8 using the link below:
https://github.com/damiendallimore/SplunkModularInputsJavaFramework/blob/master/alexa/docs/README.md
At the Test step, the Service Response box shows the error below:
There was an error calling the remote endpoint, which returned HTTP 303 : See Other
Does anyone have a good reference or configuration guide?
Please share your experience.
Best regards
Seung-Man Jo
I am testing with Postman for the Splunk Server REST API. But my test URL below failed with an unexpected result.
https://ec2-34-196-111-xxx.compute-1.amazonaws.com/en-US/app/alexa/
I don't know why you have decided to use postman and also the Splunk REST API has absolutely nothing to do with anything here.
You should use the Alexa skill console to test the interaction.
The DNS name in your cert would be:
ec2-34-196-111-xxx.compute-1.amazonaws.com
As per the docs, the Endpoint URL in the Alexa test console would be:
https://ec2-34-196-111-xxx.compute-1.amazonaws.com/alexa
Also look for any errors in your logs:
index=_internal ExecProcessor error alexa.py
Hi. Damien Dallimore.
Thanks for your feedback.
I used the Postman tool because the Alexa Skill console shows only the error message below.
There was an exception during the SSL hand shake. Please check the certificate you have provided.
Hence I don't know where the error comes from.
Could you tell me more about which log file I should look at?
I need the log file name and location.
Thanks
Seung-Man Jo
Have you worked through the troubleshooting steps in the docs?
Hi. Damien Dallimore
Do you have any good ideas regarding my feedback update?
Best regards
Seung-Man Jo
303 response is rather odd.
https://en.wikipedia.org/wiki/HTTP_303
Do you have any network devices in front of your Splunk server in your environment that could be doing this?
Hi. Damien Dallimore
Yes. We have a load balancer device which set the Endpoint URL.
The Amazon Alexa cloud service does not connect directly with the Splunk instance.
Is there any required configuration of the load balancer?
Or is only a direct connection between the Amazon Alexa cloud and the Splunk instance allowed?
Our Splunk server is running in an AWS cloud environment.
Best regards
Seung-Man Jo
All I can suggest is determining what network device is returning a 303 redirect and eliminating it.
Hi. Damien Dallimore
I am not sure about your answer.
Does that mean the AWS Amazon Cloud Service needs to connect to the Splunk instance directly?
Thanks
Seung-Man Jo
It means go and have a talk to your network admin and ask what could be the cause of the 303 redirect, I don't know your network.
Hi. Damien Dallimore
Understood. However, our environment is running in the AWS cloud. Hence we don't have a network team.
I will try to find the cause of this 303 with the AWS support team. Once I get an answer I will update here again.
On the other hand, I am setting up my own AWS Splunk instance now.
Once the setup is completed, the AWS Alexa Cloud service can connect directly to my Splunk App instance. There should be no LB and firewall issue.
I will update the result when I have completed it.
Thanks
Seung-Man Jo
For what it's worth I have set the Alexa integration up on many EC2 instances before very easily.
Hi. Damien Dallimore.
Good news. If I succeed in integrating my own AWS Splunk instance, then I can find what our current production Splunk App problem is.
Fingers crossed for me.
Thanks
Seung-Man Jo
Hi. Damien Dallimore.
I created a new Splunk server with an AWS EC2 instance.
After setting up this instance, I got a new error message at the test step.
It is below:
There was an exception during the SSL hand shake. Please check the certificate you have provided.
Could you provide any steps for validation?
Does the certificate.pem file include the ID and password correctly?
Thanks
Seung-Man Jo
Hi. Damien Dallimore.
Can I get your help for my issue?
Here are some more questions.
Question 1: What is my correct DNS.1?
My Splunk server is running on an AWS EC2 instance with an Elastic IP. Here are my EC2 instance details.
Public DNS (IPv4): ec2-34-196-111-xxx.compute-1.amazonaws.com
Private DNS: ip-172-31-28-xxx.ec2.internal
Here are my configuration.cnf file details.

[req]
distinguished_name = req_distinguished_name
x509_extensions = v3_req
prompt = no

[req_distinguished_name]
C = US
ST = WA
L = Seattle
O = Axxxxxx
CN = Splunkalexa

[v3_req]
keyUsage = keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @subject_alternate_names

[subject_alternate_names]
DNS.1 = ec2-34-196-111-xxx.compute-1.amazonaws.com

I tested with the DNS.1 values below.
DNS.1 = ec2-34-196-111-xxx.compute-1.amazonaws.com
DNS.1 = compute-1.amazonaws.com
DNS.1 = amazonaws.com
DNS.1 = eip-172-31-28-xxx.ec2.internal
DNS.1 = ec2.internal
All tests failed.
Question 2: Are any additional steps required for the below?
Create Self-Certificate
Set up the Java Keystore
I completed steps 1, 2 and 3, not step 4.
Question 3: Does the AWS EC2 instance key pair name have an impact?
During the keystore generation steps, there are only password entry steps.
If I am using an AWS Elastic IP, do I need any additional steps?
Question 4: What is the REST API URL that AWS Alexa calls on Splunk?
I am testing with Postman for the Splunk Server REST API.
But my test URL below failed with an unexpected result.
https://ec2-34-196-111-xxx.compute-1.amazonaws.com/en-US/app/alexa/
URL should be ~xxxx/api
Thanks
Seung-Man Jo
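Added example (not part of the thread and not code from the app's docs): a Python check of which DNS.1 values from Question 1 would pass a TLS client's hostname comparison against the host of the Endpoint URL given in the reply above. The function names are illustrative, the matching rule is the standard exact-or-left-most-wildcard comparison, and a passing name check does not rule out other causes of a handshake failure.

```python
import configparser
from urllib.parse import urlsplit

# Abridged from the configuration.cnf, Endpoint URL and DNS.1 values posted on the page.
CNF = """\
[v3_req]
extendedKeyUsage = serverAuth
subjectAltName = @subject_alternate_names

[subject_alternate_names]
DNS.1 = ec2-34-196-111-xxx.compute-1.amazonaws.com
"""
ENDPOINT = "https://ec2-34-196-111-xxx.compute-1.amazonaws.com/alexa"
TRIED = ["ec2-34-196-111-xxx.compute-1.amazonaws.com", "compute-1.amazonaws.com",
         "amazonaws.com", "eip-172-31-28-xxx.ec2.internal", "ec2.internal"]

def san_dns_names(cnf_text):
    """Return the DNS.n values of the section that subjectAltName refers to."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str  # keep key case, e.g. "DNS.1"
    cp.read_string(cnf_text)
    ref = cp["v3_req"]["subjectAltName"].strip()
    if not ref.startswith("@"):
        raise ValueError("expected subjectAltName = @<section>")
    return [v.strip() for k, v in cp[ref[1:]].items() if k.upper().startswith("DNS.")]

def name_matches(pattern, host):
    """Exact match, or '*' standing for the whole left-most label (RFC 6125)."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*" and len(p) > 2:
        p, h = p[1:], h[1:]
    return p == h

def endpoint_covered(endpoint_url, cnf_text):
    """True if any SAN DNS name in the config matches the endpoint's host."""
    host = urlsplit(endpoint_url).hostname
    return any(name_matches(n, host) for n in san_dns_names(cnf_text))

def tried_results(endpoint_url, names):
    """Map each candidate DNS.1 value to whether it matches the endpoint host."""
    host = urlsplit(endpoint_url).hostname
    return {n: name_matches(n, host) for n in names}

if __name__ == "__main__":
    print("config covers endpoint:", endpoint_covered(ENDPOINT, CNF))
    for name, ok in tried_results(ENDPOINT, TRIED).items():
        print(f"{'match   ' if ok else 'no match'}  DNS.1 = {name}")
```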
Hi. Damien Dallimore.
Thanks for your answer
I tried to configure 'Talk to Splunk with Amazon Alexa' with your URL reference before.
Here are my answers for what I tested.
• Correct Splunk Version 5+ ?
Yes. Splunk 6.5.1
• Correct Java Runtime version 8+ ?
Yes. 1.8.0.92
• Supported OS ?
Yes. Linux ip-1x-xx-xx-xxx 4.4.51-40.60.amzn1.x86_64 #1 SMP Wed Mar 29 19:17:24 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
• HTTPs port was successfully opened ? netstat -plnt is a useful command to check with.
Yes. Our environment URL is running on port 443. The Splunk server is running on port 8000 internally.
When checked with URL port scanning, the result shows that port 443 is open.
• Running Splunk as a privileged user for using a HTTPs port < 1024 ?
Yes. Logon user with https URL
• Firewall is open for incoming traffic for the HTTPs port ?
Yes. The Splunk HTTPS URL can be accessed from the internet.
• Correct path to Java keystore ?
Yes. /opt/splunk/etc/apps/alexa/crypto
• Correct name of Java keystore
Yes. java-keystore.jks
• Correct Java keystore password ?
Yes.
• Keystore and Key passwords are the same ?
Yes
• Have you looked in the logs for errors ?
Yes.
The web access log shows the same as the Service response, which returned HTTP 303.
Below is a log sample.
127.0.0.1 - - [17/Apr/2017:16:01:37.503 +0000] "GET /apac/en-US/static/@28293E15F4074E5A10CA2E4022F4A888AEEA5CFB6C059E2E8BC0908A0F4449AA.273/build/pages/enterprise/home.js HTTP/1.1" 200 117498 "https://xx.xxx.com/apac/en-US/app/launcher/home" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:47.0) Gecko/20100101 Firefox/47.0" - 58f4e6e1807fbcd4297610 4ms
127.0.0.1 - - [17/Apr/2017:16:15:21.775 +0000] "POST /apac/en-US/app/alexa/ HTTP/1.1" 303 238 "" "Apache-HttpClient/UNAVAILABLE (Java/1.8.0_112)" - 58f4ea19c67fbcd4297410 7ms
• Can you successfully test the skill from the Amazon developer console ?
No. At the test step, it shows an error.
The Service response tab shows the below:
There was an error calling the remote endpoint, which returned HTTP 303 : See Other
• Did you generate your certificate with the correct hostname/domain for your running Splunk instance ?
Yes
• Are there DNS configuration errors in the logs ? You may need to put an entry in your local /etc/hosts to resolve this hostname correctly to 127.0.0.1 (localhost)
Is it a mandatory configuration?
Currently our hosts file is configured as below:
[xxx@ip-10-0-xxx-xxx etc]$ cat hosts
10.0.xxx.xxx SH1
[xxx@ip-10-0-xxx-xxx etc]$ hostname
ip-10-0-xxx-xxx
Is it correct that our hosts file should be configured as below:
10.0.xxx.xxx ip-10-0-xxx-xxx
127.0.0.1 localhost
I am not sure about this. Could you provide the detailed steps to check this?
Thanks
Seung-Man Jo