Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Splunk Enterprise
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Platform
- :
- Splunk Enterprise
- :
- Re: Splunk add on for Citrix netscaler
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Splunk add on for Citrix netscaler
Sakshat44
Loves-to-Learn Lots
12-08-2022
03:46 AM
Splunk Addon for Citrix netscaler is contiguously logging the following ERRORs in splunkd.log file.
12-08-2022 10:55:55.677 +0000 ERROR ExecProcessor [20336 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/bin/citrix_netscaler.py" splunklib.binding.HTTPError: HTTP 404 Not Found -- citrix_netscaler_templates does not exist
12-08-2022 10:55:55.677 +0000 ERROR ExecProcessor [20336 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/bin/citrix_netscaler.py" During handling of the above exception, another exception occurred:
12-08-2022 10:55:55.677 +0000 ERROR ExecProcessor [20336 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/bin/citrix_netscaler.py" Traceback (most recent call last):
12-08-2022 10:55:55.677 +0000 ERROR ExecProcessor [20336 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/bin/citrix_netscaler.py" File "/opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/lib/solnlib/conf_manager.py", line 457, in get_conf
12-08-2022 10:55:55.677 +0000 ERROR ExecProcessor [20336 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/bin/citrix_netscaler.py" conf = self._confs[name]
12-08-2022 10:55:55.677 +0000 ERROR ExecProcessor [20336 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/bin/citrix_netscaler.py" File "/opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/lib/splunklib/client.py", line 1816, in __getitem__
12-08-2022 10:55:55.677 +0000 ERROR ExecProcessor [20336 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/bin/citrix_netscaler.py" raise KeyError(key)
12-08-2022 10:55:55.677 +0000 ERROR ExecProcessor [20336 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/bin/citrix_netscaler.py" KeyError: 'citrix_netscaler_templates'
12-08-2022 10:55:55.677 +0000 ERROR ExecProcessor [20336 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/bin/citrix_netscaler.py" During handling of the above exception, another exception occurred:
12-08-2022 10:55:55.677 +0000 ERROR ExecProcessor [20336 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/bin/citrix_netscaler.py" Traceback (most recent call last):
12-08-2022 10:55:55.677 +0000 ERROR ExecProcessor [20336 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/bin/citrix_netscaler.py" File "/opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/lib/solnlib/utils.py", line 153, in wrapper
12-08-2022 10:55:55.677 +0000 ERROR ExecProcessor [20336 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/bin/citrix_netscaler.py" return func(*args, **kwargs)
12-08-2022 10:55:55.677 +0000 ERROR ExecProcessor [20336 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/bin/citrix_netscaler.py" File "/opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/lib/solnlib/conf_manager.py", line 459, in get_conf
12-08-2022 10:55:55.677 +0000 ERROR ExecProcessor [20336 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/bin/citrix_netscaler.py" raise ConfManagerException(f"Config file: {name} does not exist.")
12-08-2022 10:55:55.677 +0000 ERROR ExecProcessor [20336 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/bin/citrix_netscaler.py" solnlib.conf_manager.ConfManagerException: Config file: citrix_netscaler_templates does not exist.
12-08-2022 10:55:55.677 +0000 ERROR ExecProcessor [20336 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/Splunk_TA_citrix-netscaler/bin/citrix_netscaler.py" .
Any solution?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
richgalloway
SplunkTrust
12-08-2022
08:32 AM
Try re-installing the TA (and, perhaps, a different version of it). If that doesn't help then you're in luck since that is a Splunk-supported app. Contact Splunk Support for help with it.
---
If this reply helps you, Karma would be appreciated.
If this reply helps you, Karma would be appreciated.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sakshat44
Loves-to-Learn Lots
12-08-2022
09:50 AM
On splunkbase only verison is available for download which is v8.2.0 (which we are already trying).
We are using this add-on for only syslog data (TCP input). We dont want appliances and templates to be configured as these configurations are not needed to getting data using TCP input.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
richgalloway
SplunkTrust
12-08-2022
09:59 AM
Contact Splunk Support.
I understand wanted to not configure features you won't be using, but if it will stop the errors, why not?
---
If this reply helps you, Karma would be appreciated.
If this reply helps you, Karma would be appreciated.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sakshat44
Loves-to-Learn Lots
12-08-2022
10:23 AM
We dont want to configure appliances and templates and use it in our inputs as for this we need to open ports for outbound call from splunk to netscaler. As a matter of security, we dont want anyone a direct access to netscaler as it is the outer most component.
Is it possible for us to use the sourcetype intelligence of the add-on without configuring the other features.?
As in some way to bypass those configurations.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
richgalloway
SplunkTrust
12-08-2022
11:26 AM
Fair enough.
Again, contact Splunk Support.
---
If this reply helps you, Karma would be appreciated.
If this reply helps you, Karma would be appreciated.
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Get Updates on the Splunk Community!
What Is Splunk? Here’s What You Can Do with Splunk
Hey Splunk Community, we know you know Splunk. You likely leverage its unparalleled ability to ingest, index, ...
Level Up Your .conf25: Splunk Arcade Comes to Boston
With .conf25 right around the corner in Boston, there’s a lot to look forward to — inspiring keynotes, ...
Manual Instrumentation with Splunk Observability Cloud: How to Instrument Frontend ...
Although it might seem daunting, as we’ve seen in this series, manual instrumentation can be straightforward ...
