Splunk Enterprise

Splunk Secure Gateway connection error

joshiro
Communicator

We are having a connection issue on Splunk Enterprise 8.2.6 on-prem with Splunk Secure Gateway 2.7.4. According to the firewall rules, the outbound connection on port 443 to the host prod.spacebridge.spl.mobi is allowed.

We verified the connection using the troubleshooting guide in the documentation by running:

curl https://prod.spacebridge.spl.mobi/health_check

We also tried the test for the wss connection and we get the correct response:

curl -i -N -H "Connection: Upgrade" -H "Upgrade: websocket" -H "Host: echo.websocket.events" -H "Origin: https://echo.websocket.events" -H "Sec-WebSocket-Key: d3d3LnNwbHVuay5jb20=" -H "Sec-WebSocket-Version: 13" https://echo.websocket.events


When we run the following rest command:

| rest "services/ssg/test_websocket" request_type="{\"versionGetRequest\": {}}" request_mode=clientSingleRequest

We get this output:

auth_code_status = 200
completed_client_registration = 0
error = 'token_id'
server_registration_status = 400
splunk_server = server
wss_response = 0

The error traceback in _internal is:

2022-05-09 11:22:58,148 ERROR [rest_base] [__init__] [exception] [4772] Spacebridge error
Traceback (most recent call last):
  File "/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/util/helper.py", line 13, in extract_parameter
    result = obj[key]
KeyError: 'self_register'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
  File "/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/base_endpoint.py", line 53, in handle
    res = self.handle_request(request)
  File "/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/base_endpoint.py", line 86, in handle_request
    return self.post(request)
  File "/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/registration/saml_registration_handler.py", line 70, in post
    self_register = extract_parameter(request['query'], SELF_REGISTER_LABEL, QUERY_LABEL)
  File "/opt/splunk/etc/apps/splunk_secure_gateway/bin/spacebridgeapp/rest/util/helper.py", line 15, in extract_parameter
    raise Errors.SpacebridgeRestError('Error: Request requires %s parameter "%s"' % (source_name, key), 400)
spacebridgeapp.rest.util.errors.SpacebridgeRestError: Error: Request requires query parameter "self_register"

Any ideas on how to solve this issue or continue the troubleshooting?

0 Karma

marcoscala
Builder

Hi Joshiro, how did you solve the issue? I'm facing the same problem connecting to Spacebridge to configure Splunk Edge Hub.

Marco

0 Karma

joshiro
Communicator

Hi Marco, I don't really remember what the problem was, nor the solution.
We are currently working with Splunk Edge Hub on Splunk 9.2.0.1 and we've got no problems with the device registration.

What I do remember about the time when we implemented the SSG for mobile use is that there was a problem with cert inspection on the firewall: it changed something on the cert itself, and it was no longer recognized as a valid one for the SSG.

Regards.

0 Karma
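
One way to check for the firewall certificate inspection described in the last reply, as an added example that is not part of the original thread and not Splunk's code: it runs a verified TLS handshake to the Spacebridge host against two trust stores and compares the results. The CA bundle path given on the command line and the baseline issuer string are assumptions the operator supplies.

```python
import socket
import ssl
import sys

HOST = "prod.spacebridge.spl.mobi"  # Spacebridge host named in the thread


def issuer_name(cert):
    """Flatten the issuer field of ssl.getpeercert() into 'O=..., CN=...'."""
    parts = {k: v for rdn in cert.get("issuer", ()) for k, v in rdn}
    wanted = (("O", "organizationName"), ("CN", "commonName"))
    return ", ".join(f"{s}={parts[k]}" for s, k in wanted if k in parts)


def probe(host, port=443, cafile=None, timeout=10):
    """Verified TLS handshake against one trust store; returns (ok, detail).

    cafile=None loads the default trust store; a PEM path loads only that bundle.
    """
    ctx = ssl.create_default_context(cafile=cafile)
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return True, issuer_name(tls.getpeercert())
    except ssl.SSLCertVerificationError as exc:
        return False, exc.verify_message


def diagnose(os_store, app_bundle, baseline_issuer=None):
    """Interpret two probe() results.

    baseline_issuer (optional) is the issuer string recorded from a network
    that is not behind the inspecting firewall.
    """
    os_ok, os_detail = os_store
    app_ok, app_detail = app_bundle
    if not os_ok:
        return f"chain not trusted by OS store: {os_detail}"
    if not app_ok:
        return f"trust-store mismatch: OS store accepts '{os_detail}', bundle rejects ({app_detail})"
    if baseline_issuer and os_detail != baseline_issuer:
        return f"issuer changed in transit: saw '{os_detail}', baseline '{baseline_issuer}'"
    return f"no re-signing detected: issuer '{os_detail}'"


if __name__ == "__main__":
    # Assumption: argv[1] is the PEM CA bundle used by the application (site-specific path).
    bundle = sys.argv[1] if len(sys.argv) > 1 else None
    print(diagnose(probe(HOST), probe(HOST, cafile=bundle)))
```

A "trust-store mismatch" or "issuer changed in transit" result is consistent with the firewall re-signing the certificate, which a plain curl check can miss when the inspection CA is installed in the operating system's store.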