- Community
- :
- Splunk Answers
- :
- Apps and Add-ons
- :
- All Apps and Add-ons
- :
- Why do I keep getting an error in Afterglow on Win...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Why do I keep getting an error in Afterglow on Windows 2016 / Splunk 7x?
Wondering if anyone has afterglow running in a windows environment on splunk 7x. I have perl installed and graphviz... but I keep getting an error:
AfterGlow was not able to generate a graph. Please check the neato directory in the AfterGlow Setup.
.conf looks like:
[afterglow]
disabled = 0
neato_path = C:\Program Files (x86)\Graphviz2.38\bin
perl_path = C:\Perl64\bin
errors in _internal are:
2018-04-10 14:01:58,141 ERROR [5acd0a253425c6bf216a0] AfterGlow:107 - command_used: "C:\Perl64\bin"\perl "E:\splunk\etc\apps\afterglow\appserver\modules\AfterGlow"\..\..\..\afterglow\afterglow.pl -c "E:\splunk\etc\apps\afterglow\appserver\modules\AfterGlow"\..\..\..\afterglow\sample.properties -a -e 1.2 | "C:\Program Files (x86)\Graphviz2.38\bin"\neato -Tgif -o "E:\splunk\etc\apps\afterglow\appserver\modules\AfterGlow"\..\..\static\afterglow1523386915.320.gif -Tcmapx -o "E:\splunk\etc\apps\afterglow\appserver\modules\AfterGlow"\..\..\static\afterglow1523386915.320.map
2018-04-10 14:01:58,009 INFO [5acd0a253425c6bf216a0] AfterGlow:83 - perl path: "C:\Perl64\bin"\perl
2018-04-10 14:01:58,009 INFO [5acd0a253425c6bf216a0] AfterGlow:82 - neato path: "C:\Program Files (x86)\Graphviz2.38\bin"\neato
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
[afterglow]
disabled = 0
neato_path = C:\Program Files (x86)\Graphviz2.38\bin
perl_path = C:\Perl64\bin
from reading the default confs this is what I am thinking it should be... but not entirely sure.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
raffy, can you confirm my formatting within the .conf file is correct?
The examples shown are in a few different permutations depending on where you look
In the gui, path to neato indicated no escaping of \ with a trailing \; as with perl, however the example in perl showed escaped \
Right how it is complaining that AfterGlow was not able to generate a graph. Pleach check the neato directoy in AfterGlow Setup. Really would like this to work and I know I am close but there is some nuance that is getting me.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What happens when you run that command on the command line:
"C:\Perl64\bin"\perl "E:\splunk\etc\apps\afterglow\appserver\modules\AfterGlow"......\afterglow\afterglow.pl -c "E:\splunk\etc\apps\afterglow\appserver\modules\AfterGlow"......\afterglow\sample.properties -a -e 1.2 | "C:\Program Files (x86)\Graphviz2.38\bin"\neato -Tgif -o "E:\splunk\etc\apps\afterglow\appserver\modules\AfterGlow"....\static\afterglow1523386915.320.gif -Tcmapx -o "E:\splunk\etc\apps\afterglow\appserver\modules\AfterGlow"....\static\afterglow1523386915.320.map
i am a bit suspicious of all those dots in there. they might be wrong... they should be separated by a backslash, but try the command and see what happens.
Splunk Security Content for Threat Detection & Response, Q1 Roundup
Splunk Life | Happy Pride Month!
SplunkTrust | Where Are They Now - Michael Uschmann
