Splunk Dev

app TA-eStreamer's "splencore.sh test" got Import Error: undefined symbol: SSL_state

juakashi
New Member

I install Splunk on Ubuntu and installed Splunk app called Cisco eStreamer client. How can I fix the issue?

I configure Cisco Firepower Management Center and Splunk according to this video.
https://www.youtube.com/watch?v=pEXM5PVkvH8&t=104s&ab_channel=CiscoSecureFirewall

I got an error:
root@platform-dns:/opt/splunk/etc/apps/TA-eStreamer/bin/encore# ../splencore.sh test
Traceback (most recent call last):
File "./estreamer/preflight.py", line 33, in <module>
import estreamer.crossprocesslogging
File "/opt/splunk/etc/apps/TA-eStreamer/bin/encore/estreamer/__init__.py", line 27, in <module>
from estreamer.connection import Connection
File "/opt/splunk/etc/apps/TA-eStreamer/bin/encore/estreamer/connection.py", line 23, in <module>
import ssl
File "/opt/splunk/lib/python3.7/ssl.py", line 98, in <module>
import _ssl # if we can't import it, let the error propagate
ImportError: /opt/splunk/lib/python3.7/lib-dynload/_ssl.cpython-37m-x86_64-linux-gnu.so: undefined symbol: SSL_state

0 Karma

bookenist
Loves-to-Learn

@juakashi  before executing the ./splencore.sh test command
You need to make a couple of
export SPLUNK_HOME=/opt/splunk
export LD_LIBRARY_PATH=/opt/splunk/lib

After that you can continue Validate & Test the Connection

0 Karma

VatsalJagani
SplunkTrust
SplunkTrust

@juakashi - Please check the following things:

  • Ensure you have the latest version of the Add-on.
  • Ensure you put the certificate as described and in the described path.
  • Ensure the certificate file permissions are proper. (chmod) 600 for public cert files and 400 for private key files.
  • Ensure the environment paths are set properly as described in the video.

 

I hope this helps!! Kindly upvote if it does!!!

0 Karma
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

 (view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...