Monitoring Splunk
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Using python external lookup An error occurs when requesting an HTTPS website

bestSplunker
Contributor
‎03-11-2019 11:26 PM

I have a simple external lookup python script that implements a simple post request and returns the result to the splunk search.I know the script will call splunk built-in python, so I suspect that there is a problem with the built-in ssl library , which causes the script to fail to request the https website.

When running python script with module requests to get https response,it occurrs a error 'NoneType' object has no attribute 'wrap_socket'.

alt text

If I put splunk's python executable file (/opt/splunk/bin/python2.7 ) soft link to linux os python, everything works fine. However, some functions of splunk become unusable. For example, splunk will return an error when creating a new user. This is because I changed the soft link of the splunk python executable. So I can't modify splunk's python program at random.

So how to solve this problem? Who can provide an example of an external lookup script that requests the https website?

all help would be greatly appreciated.

splunk verson 6.4.3

Tags (1)
Preview file
1 KB
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

MuS
Legend
‎03-12-2019 07:38 PM

The easiest option would be to place the OS requests module into your apps bin directory so this will be loaded. Another option is to insert the OS Python module path before the Splunk Python module path in your script.

I did both previously in Python scripts and it work just fine.

cheers, MuS

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

MuS
Legend
‎03-12-2019 07:38 PM

The easiest option would be to place the OS requests module into your apps bin directory so this will be loaded. Another option is to insert the OS Python module path before the Splunk Python module path in your script.

I did both previously in Python scripts and it work just fine.

cheers, MuS

0 Karma
Reply
Solved! Jump to solution

bestSplunker
Contributor
‎03-13-2019 12:17 AM

@MuS Good answer, I hope I can recommend your answer, because you write a comment, I can not recommend your answer.

0 Karma
Reply
Solved! Jump to solution

MuS
Legend
‎03-13-2019 11:48 AM

Converted to answer 😉

cheers, MuS

0 Karma
Reply
Solved! Jump to solution

nickhills
Ultra Champion
‎03-12-2019 03:38 AM

As you have noticed, you should not try to replace/link the python packages with that of the local OS - bad things will happen.

If my comment helps, please give it a thumbs up!
0 Karma
Reply
Solved! Jump to solution

bestSplunker
Contributor
‎03-12-2019 05:59 PM

@nickhillscpl OK,So is splunk's built-in SSL lib in wrong ? Have you ever used external lookups to request HTTPS websites? Have you ever encountered such a problem?

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...