So since today, I get the following error message in _internal (sourcetype splunk_web_service):
"error:138 - Masking the original 404 message: 'The path '/en-US/custom/SA-ThreatIntelligence/correlation_searches/get_searches' was not found.' with 'Page not found!' for security reasons"
This happens when I want to open the "Content Management" Page in the Security Enterprise Security App.
I am somehow stuck here because IMO nothing at all changed - actually I haven't done any changes in ES for more then 2 weeks.
Anybody ever experienced this issue - how can I fix this?
Present in ES=4.0.1-4.0.5 (Maybe other versions also).
Fixed in Newer versions (i.e. ES=4.2+ ES=4.5+).
Examples of Bug = Splunk Bug references SOLNESS-6255 and SOLNESS-11038.
The cause = The correlation_search.py web controller loads some helper code. This uses relative pathing, so depending on how the controller is executed we might not specify the intended directory.
from = sys.path.append( os.path.join("..", "..", "bin") )
to = sys.path.append(make_splunkhome_path(['etc', 'apps', 'SA-ThreatIntelligence', 'bin']))
Upgrade to ES=4.2+ or ES=4.5+
View solution in original post