REST API Modular input "EOF occured in violation o...

mactho · ‎11-12-2017

Hello
I have the REST API Modular Input APP on a Universal Forwarder configured to consume (make rest calls) to management/health endpoints on rabbit queues. However I get this error turning up in the splunkd.log file whenever the app attempts to contact the endpoint:

Exception performing request: [Errno 8] _ssl.c:490: EOF occurred in violation of protocol

inputs.conf ssl section:

[SSL]
serverCert = <path to my trust store>

Was working fine on HTTP but then stopped working on HTTPS

Damien_Dallimor · ‎11-12-2017

That error message and the SSL stanza have absolutely nothing to do with the REST Mod Input.

What are you actually trying to accomplish? Guessing here , but are you trying to setup client certificate based authentication for a HTTPs request using the REST Mod Input ?

mactho · ‎11-14-2017

Ok I have it sorted. I had to implement this :

class MyAdapter(HTTPAdapter):
    def init_poolmanager(self, connections, maxsize, block=False):
        self.poolmanager = PoolManager(num_pools=connections,
                                       maxsize=maxsize,
                                       block=block,
                                       ssl_version=ssl.PROTOCOL_TLSv1)


        s = requests.Session()
        s.mount('https://', MyAdapter())

in rest.py and then use the session object to make the request.

REST API Modular input "EOF occured in violation of protocol"

Stay Connected: Your Guide to July Tech Talks, Office Hours, and Webinars!

Updated Data Type Articles, Anniversary Celebrations, and More on Splunk Lantern

A Prelude to .conf25: Your Guide to Splunk University

Are you a member of the Splunk Community?

REST API Modular input "EOF occured in violation of protocol"

Stay Connected: Your Guide to July Tech Talks, Office Hours, and Webinars!

Updated Data Type Articles, Anniversary Celebrations, and More on Splunk Lantern

A Prelude to .conf25: Your Guide to Splunk University