Re: Apps push not working - Why did it fail to ver...

Marco-IT · ‎05-12-2022

Hi,

after an upgrade from 7.3 (to 8.1.0 and then) to 8.2.5, there are some errors on splunkd.log.

SH1:

ERROR DistHealthFetcher [115123 DistHealthReporter] - failed to execute health transaction to instance at uri=https://<my_uri>:8089, error=Non-200 status_code=401, uri=https://<my_uri>:8089/services/server/health/splunkd/local, status_description="Unauthorized".

SH2 and SH3:

ERROR DigestProcessor [107884 TcpChannelThread] - Failed signature match
ERROR LMHttpUtil [107884 TcpChannelThread] - Failed to verify HMAC signature, uri: /services/server/health/splunkd/local?output_mode=json

Besides, if I try to push some apps' configurations, it doesn't work.

The environment consists of a Deployment Server/Cluster Master (same instance), 3 Search Heads and 2 Indexers.
All the files in server.conf in the DS/CM and SHs have the same pass4SymmKey:

[clustering]
master_uri = <my_master_uri>
pass4SymmKey = <my_crypted_pass>

Does anyone have an idea about what's wrong?

Thanks in advance

abramble · ‎07-21-2022

Hi @Marco-IT - I don't think this is related to app push but to cluster-master/license-master communication , I have seen this from a deployment server when at a higher version than cluster master (8.0.5) vs 8.2.6.1.

Did you find this went away after they all arrived at the same version ?

Marco-IT · ‎07-21-2022

Hi @abramble, thank you for your answer.

Apparently, push wasn't working for another problem and all the servers have the same version of splunk (8.2.5), these messages are still logged though.

Apps push not working - Why did it fail to verify HMAC signature?

deployment server

distributed search

search head

Can’t make it to .conf25? Join us online!

Community Content Calendar, September edition

Splunkbase Unveils New App Listing Management Public Preview

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Are you a member of the Splunk Community?