All Apps and Add-ons

Why is the script generating an error with Tripwire Add-On?

Path Finder

Hi

I have been trying to integrate FIM and SCM logs from tripwire 8.3.7 but the script is generating the exception below:

Exception: SOAP-ENV:ClientOnly the built-in administrator can access the SOAP API while in Common Criteria mode.

Even though the Admin privileges have been assigned to the user we still see the same error on Splunk.

0 Karma
1 Solution

Path Finder

We found the issue, issue was on Tripwire End;

The Add-on requires complete Admin access to Tripwire Consoles.

you need to change the following entry in server.properties file on the tripwire:
tw.securityAuditLog.enabled=false

if set to true, this restricts all users except the Built-In Administrator for TE console from accessing the SOAP API

View solution in original post

0 Karma

Path Finder

We found the issue, issue was on Tripwire End;

The Add-on requires complete Admin access to Tripwire Consoles.

you need to change the following entry in server.properties file on the tripwire:
tw.securityAuditLog.enabled=false

if set to true, this restricts all users except the Built-In Administrator for TE console from accessing the SOAP API

View solution in original post

0 Karma

Explorer

Perfect, that is exactly what I needed. Changed that and works like champ.

0 Karma

Explorer

Has anyone found the answer to this? I've been struggling through the TE addon install, and finally have gotten to where I"m getting my assets into Splunk, but now I get this same error, and none of the data seems to be coming in. The addon instructions specifically say to create a separate user in TE for this purpose, which I have done and given it Administrator rights with all groups access as well. What is the reason for this error? Do we have to use the REST API instead of SOAP if we're not using the built-in TE admin account? Thanks.

0 Karma