After upgrade splunk to 7.2.4 one curl search that was working perfectly in version 6.5.3 doesn't work anymore.
The result is
curl: (35) TCP connection reset by peer
I have try using -k in the call, also indicate the ssl version --tlsv1.2 also update openssl. But none of them have solved the problem.
Any idea how to solve this problem. The thing is that even a simple query return the same message.
thanks in advance
Are you performing this curl from Splunk to a remote webservice, or from another system to Splunk?
It might help if you can post the full curl statement (remove anything sensitive)
curl 7.29.0 (x86_64-redhat-linux-gnu) libcurl/7.29.0 NSS/3.36 zlib/1.2.7 libidn/1.28 libssh2/1.4.3
But still have the same problem
CONNECT localhost:8089 HTTP/1.1
< HTTP/1.1 200 Connection established <
* Proxy replied OK to CONNECT request
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* NSS error -5961 (PRCONNECTRESET_ERROR)
* TCP connection reset by peer
* Closing connection 0 curl: (35) TCP connection reset by peer
That looks very much like a firewall or something is dumping the connection.
Any chance you have a local FW?
The firewall is disabled
systemctl status firewalld ● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Wait - cant believe i missed this:
can you run