New cisco security suite install - 500 internal se...

cjsweeney1 · ‎08-01-2017

New Cisco security suite installed on the enterprise security server- i am see a 500 internal server error when attempting to finish the setup piece in the manage apps page... No other apps I am accessing are experiencing this so far....

I know there is a way to view the web piece for failures through the search app so I could definately check on it if you know of a search string for that...

Thanks...

Cisco security suite ver 3.1.2
Splunk ver 6.3.3
Ent Security ver 4.0.0

rbal_splunk · ‎08-23-2017

I have this same issue, could you clarify " It was mis-configured SSL settings.."

cjsweeney1 · ‎08-07-2017

Thanks... It was mis-configured SSL settings... I just disabled it and it works now..

bheemireddi · ‎08-02-2017

I don't think it is a recommended practice to install Cisco Security Suite app on the search head where you have ES (Enterprise Security). You should have ES running on it's own and no other apps should be interfering on that system.

Try installing on a different search head and if you still get the error from the GUI upload, you can un-tar it via SSH into etc/apps and restart the SH if that is a possibility.

New cisco security suite install - 500 internal server error

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

Troubleshooting the OpenTelemetry Collector

Adoption of Infrastructure Monitoring at Splunk