Hello everyone, I have two problem 😞
First, Failed to index data:
2018-03-16 12:44:46,945 +0000 log_level=ERROR, pid=10450, tid=Thread-6, file=ta_data_collector.py, func_name=index_data, code_line_no=118 | [stanza_name="sc-input" data="sc_vulnerability" server="sc-server"] Failed to index data
Traceback (most recent call last):
File "/opt/splunk/etc/apps/Splunk_TA_nessus/bin/splunk_ta_nessus/splunktaucclib/data_collection/ta_data_collector.py", line 115, in index_data
self._do_safe_index()
File "/opt/splunk/etc/apps/Splunk_TA_nessus/bin/splunk_ta_nessus/splunktaucclib/data_collection/ta_data_collector.py", line 148, in _do_safe_index
self._client = self._create_data_client()
File "/opt/splunk/etc/apps/Splunk_TA_nessus/bin/splunk_ta_nessus/splunktaucclib/data_collection/ta_data_collector.py", line 95, in _create_data_client
self._checkpoint_manager)
File "/opt/splunk/etc/apps/Splunk_TA_nessus/bin/splunk_ta_nessus/splunktaucclib/data_collection/ta_data_client.py", line 55, in __init__
self._ckpt)
File "/opt/splunk/etc/apps/Splunk_TA_nessus/bin/splunk_ta_nessus/ta_tenable_sc_data_collector.py", line 18, in do_job_one_time
return _do_job_one_time(all_conf_contents, task_config, ckpt)
File "/opt/splunk/etc/apps/Splunk_TA_nessus/bin/splunk_ta_nessus/ta_tenable_sc_data_collector.py", line 62, in _do_job_one_time
raise Exception
Exception
Second, SSL CERTIFICATE_VERIFY_FAILED:
2018-03-16 12:50:26,942 +0000 log_level=ERROR, pid=10450, tid=Thread-4, file=ta_tenable_sc_data_collector.py, func_name=_do_job_one_time, code_line_no=61 | [stanza_name="sc-input" data="sc_vulnerability" server="sc-server"] [SSL: CERTIFICATE_VERIFY_FAILED] certificate verification failed. The certificate validation is enabled. You may need to check the certificate and refer to the documentation and add it to the trust list.
For SSL CERTIFICATE_VERIFY_FAILED, I already replace content of .pem file with cacert.txt. But Problem is still continued 😞
For the certificate verify issue, these steps are helpful
https://answers.splunk.com/answers/7164/how-do-i-set-up-ssl-forwarding-with-new-self-signed-certific...
And when you create the certs and complete the openssl "questionaire" make sure the common name/FQDN is different for the root cert and the server cert. It will not work is you use the same value for both. (even if the value is blank)