How to fix failure in app-inspect | check_for_pyth...

jabezds · ‎07-26-2022

Hi ,

Noticed this failure in the app inspect report(Version 2.22.0), Is there a way we can fix this on splunk cloud ?

Below is the failure details in the report:

Please check for inbound or outbound UDP network communications.Any programmatic UDP network communication is prohibited due to security risks in Splunk Cloud and App Certification.The use or instruction to configure an app using Settings -> Data Inputs -> UDP within Splunk is permitted. (Note: UDP configuration options are not available in Splunk Cloud and as such do not impose a security risk. File: bin/botocore/session.py Line Number: 204

Thanks,

Jabez.

sloshburch · ‎08-15-2022

Hi! FYI that I moved this from Splunk Platform to this Splunk Development > Building for the Splunk Platform section in hopes to get more eyes on it.

Also, it's worth pointing out that in general, AppInspect has a handful of checks to ensure unsecure UDP is not being used: check_inputs_conf_for_udp, check_for_python_udp_network_communications, and check_for_udp_communication_in_javascript. See https://dev.splunk.com/enterprise/reference/appinspect/appinspectcheck/ for more information.

In this case, the library being used is provided by a 3rd party and it is understood that eliminating that code is not practical. Therefore, there are discussions to consider how to navigate this challenge.

How to fix failure in app-inspect | check_for_python_udp_network_communications?

configuration

development

using Splunk Enterprise

Introducing Splunk Enterprise 9.2

Adoption of RUM and APM at Splunk

Routing logs with Splunk OTel Collector for Kubernetes