Splunk Dev

How to fix failure in app-inspect | check_for_python_udp_network_communications?

Path Finder

Hi , 

Noticed this failure in the app inspect report(Version 2.22.0), Is there a way we can fix this on splunk cloud ?

Below is the failure details in the report:

Please check for inbound or outbound UDP network communications.Any programmatic UDP network communication is prohibited due to security risks in Splunk Cloud and App Certification.The use or instruction to configure an app using Settings -> Data Inputs -> UDP within Splunk is permitted. (Note: UDP configuration options are not available in Splunk Cloud and as such do not impose a security risk. File: bin/botocore/session.py Line Number: 204





0 Karma

Splunk Employee
Splunk Employee

Hi! FYI that I moved this from Splunk Platform to this Splunk Development > Building for the Splunk Platform section in hopes to get more eyes on it.

Also, it's worth pointing out that in general, AppInspect has a handful of checks to ensure unsecure UDP is not being used: check_inputs_conf_for_udp, check_for_python_udp_network_communications, and check_for_udp_communication_in_javascript. See https://dev.splunk.com/enterprise/reference/appinspect/appinspectcheck/ for more information.

In this case, the library being used is provided by a 3rd party and it is understood that eliminating that code is not practical. Therefore, there are discussions to consider how to navigate this challenge.

0 Karma
Get Updates on the Splunk Community!

Detecting Remote Code Executions With the Splunk Threat Research Team

WATCH NOWRemote code execution (RCE) vulnerabilities pose a significant risk to organizations. If exploited, ...

Enter the Splunk Community Dashboard Challenge for Your Chance to Win!

The Splunk Community Dashboard Challenge is underway! This is your chance to showcase your skills in creating ...

.conf24 | Session Scheduler is Live!!

.conf24 is happening June 11 - 14 in Las Vegas, and we are thrilled to announce that the conference catalog ...