All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk Akamai SIEM integration apps error and cannot initialize

chrishow
Engager
‎05-30-2019 11:35 PM

Hi all,

We have receive the following error after install the Akamai integrations apps in splunk:

alt text

Note that I already install the latest Java version. Please assist if possible. In addition, note that there is no data input menu as instructed by the article as shown above screenshot. Could it be it is because of the error? Because I cannot find the data input setting, I'm unable to proceed to enter the information such as credentials and tokens as specified in this article: https://developer.akamai.com/tools/integrations/siem/siem-splunk-connector

Tags (1)
Preview file
1 KB
0 Karma
Reply

James_ACN
Loves-to-Learn Everything
‎10-26-2021 03:30 PM

Hi @chrishow .

 

Hello my friend.
I know it's been a while since I posted this error, but I'm also facing the same issue.
But in my case the SIEM connector is installed directly in Splunk Indexer.
Did you manage to solve this problem?
Can anyone in the community help?

Splunk Enterprise Version:8.2.2
siem-splunk-connector: 1.4.9
java version "1.8.0_311"
Java(TM) SE Runtime Environment (build 1.8.0_311-b11)
Java HotSpot(TM) 64-Bit Server VM (build 25.311-b11, mixed mode)

splunkd.log:


10-26-2021 19:09:55.623 -0300 INFO ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" infoMsg = streamEvents, begin streamEvents
10-26-2021 19:09:55.842 -0300 INFO ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" infoMsg = streamEvents, inputName=TA-Akamai_SIEM://akamai_vibra
10-26-2021 19:09:55.842 -0300 INFO ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" infoMsg = streamEvents, inputName(String)=TA-Akamai_SIEM://akamai_vibra
10-26-2021 19:09:55.847 -0300 INFO ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" infoMsg=Processing Data...
10-26-2021 19:09:55.849 -0300 INFO ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" infoMsg=KV Service get...
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" Message : Connection refused (Connection refused), Exception : java.lang.RuntimeException: Connection refused (Connection refused)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at com.splunk.HttpService.send(HttpService.java:462)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at com.splunk.Service.send(Service.java:1295)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at com.akamai.siem.Main.getValuesFromKVStore(Main.java:802)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at com.akamai.siem.Main.streamEvents(Main.java:449)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at com.splunk.modularinput.Script.run(Script.java:74)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at com.splunk.modularinput.Script.run(Script.java:48)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at com.akamai.siem.Main.main(Main.java:116)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" Caused by: java.net.ConnectException: Connection refused (Connection refused)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at java.net.PlainSocketImpl.socketConnect(Native Method)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at java.net.SocksSocketImpl.connect(Unknown Source)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at java.net.Socket.connect(Unknown Source)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at sun.security.ssl.SSLSocketImpl.connect(Unknown Source)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at sun.net.NetworkClient.doConnect(Unknown Source)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at sun.net.www.http.HttpClient.openServer(Unknown Source)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at sun.net.www.http.HttpClient.openServer(Unknown Source)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at sun.net.www.protocol.https.HttpsClient.<init>(Unknown Source)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at sun.net.www.protocol.https.HttpsClient.New(Unknown Source)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(Unknown Source)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" at com.splunk.HttpService.send(HttpService.java:460)
10-26-2021 19:09:55.900 -0300 ERROR ExecProcessor [2021 ExecProcessor] - message from "/opt/splunk/etc/apps/TA-Akamai_SIEM/linux_x86_64/bin/TA-Akamai_SIEM.sh" ... 6 more

 

Thanks in Advanced.

James \o/

0 Karma
Reply
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...