All Apps and Add-ons
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

What settings are needed to run the Splunk Add-on for Check Point OPSEC LEA in 6.4.1 on Red Hat Enterprise Linux 7?

pinVie
Path Finder
‎06-15-2016 05:50 AM

Hi,

Is anybody running the Splunk Add-on for Check Point OPSEC LEA on RHEL 7?
If so, are there special settings or the like that have to be done?

Thank you !

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

javiergn
Super Champion
‎06-15-2016 06:17 AM

We are.
No issues so far. I know it's not meant to be fully supported by the current version of the App (3.1.0), but it's not causing any issues.
Keep in mind it won't work with Splunk 6.4 or above.

The new release of the App is supposed to be coming out soon so RHEL 7 might be fully supported then (and also Splunk 6.4 and above).

View solution in original post

Reply
Solved! Jump to solution
Solution

javiergn
Super Champion
‎06-15-2016 06:17 AM

We are.
No issues so far. I know it's not meant to be fully supported by the current version of the App (3.1.0), but it's not causing any issues.
Keep in mind it won't work with Splunk 6.4 or above.

The new release of the App is supposed to be coming out soon so RHEL 7 might be fully supported then (and also Splunk 6.4 and above).

Reply
Solved! Jump to solution

pinVie
Path Finder
‎06-15-2016 06:20 AM

Thank you for this information - I installed it some minutes ago and get this error "custom:199 - cannot load specified module remote in app Splunk_TA_opseclea_linux22: /opt/splunk/lib/python2.7/site-packages/M2Crypto/__m2crypto.so: undefined symbol: SSLv2_method"

I thought that this might be related to the fact that we are using RHEL 7 but it seems that it is a different reason.

0 Karma
Reply
Solved! Jump to solution

javiergn
Super Champion
‎06-15-2016 06:45 AM

Are you running Splunk 6.4?
If so, you need to downgrade to 6.3 because python in 6.4 doesn't work with OPSEC LEA.

This will be fixed in the next release of OPSEC LEA app

Reply
Solved! Jump to solution

pinVie
Path Finder
‎06-15-2016 06:46 AM

Yes I am running 6.4.1.
Thank you for this hint !!!!! 🙂

0 Karma
Reply
Solved! Jump to solution

javiergn
Super Champion
‎06-15-2016 06:48 AM

I had exactly the same problem 3 weeks ago so still fresh 😄

0 Karma
Reply
Solved! Jump to solution

javiergn
Super Champion
‎06-15-2016 06:49 AM

By the way, if this works for you don't forget to mark it as answered so that others can benefit from it

0 Karma
Reply
Solved! Jump to solution

pinVie
Path Finder
‎06-15-2016 07:28 AM

Done - it is working 🙂

0 Karma
Reply
Get Updates on the Splunk Community!

Index This | How many sides does a circle have?

  March 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

New This Month - Splunk Observability updates and improvements for faster ...

What’s New? This month, we’re delivering several enhancements across Splunk Observability Cloud for faster and ...

What's New in Splunk Cloud Platform 9.3.2411?

Hey Splunky People! We are excited to share the latest updates in Splunk Cloud Platform 9.3.2411. This release ...
Top