Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk 6 Ciso ips error

fraijof
Explorer
‎10-16-2013 09:28 AM

I upgraded Splunk to version 6 and data stopped flowing from our CiscoIPS. My sdee_get.log shows this error:
Wed Oct 16 09:16:53 2013 - ERROR - Connecting to sensor - MY IP: URLError:

I dug in deeper and I think its barking at the negotiation of SSL?
/splunk/lib/python2.7/ssl.py

I changed ssl.py ssl_version=PROTOCOL_SSLv23 to ssl_version=PROTOCOL_TLSv1 and still did not work.
I hope to get this online ASAP.

Tags (1)
0 Karma
Reply

dshpritz
SplunkTrust
SplunkTrust
‎05-14-2014 03:39 PM

You may want to check out my answer here: http://answers.splunk.com/answers/105193/cisco-ips-error-errno-8/135759. I posted some code that may solve this issue for you.

0 Karma
Reply

seanp
Path Finder
‎10-17-2013 11:34 AM

I had the same issue doing a new install on Splunk 6. I ended up having to install a Splunk 5.0.5 lightweight forwarder on a separate server and forward it to the central server. When I ran

openssl s_client -connect :443

with the version that is included in Splunk 6 but works fine in version 5.0.5. There seems to be an issue with this on Linux, however I experience the same issue with Windows

http://answers.splunk.com/answers/105193/cisco-ips-error-errno-8

0 Karma
Reply

seanp
Path Finder
‎10-17-2013 11:56 AM

I tried the very hackish replacing of the OpenSSL binary files in the bin directory with 0.9.8y but only got errors.

0 Karma
Reply

jgauthier
Contributor
‎10-17-2013 11:42 AM

I was just uncovering this mess. Wouldn't it be possible to include another openssl library somewhere and reference that?

0 Karma
Reply

jgauthier
Contributor
‎10-17-2013 11:26 AM

Mine is also broken after upgrading. I am still diagnosing this.

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...