Hi, I have installed new TA-MS-AD version (3.0.1) and I can see several errors : 01-27-2021 15:12:23.900 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA...
See more...
Hi, I have installed new TA-MS-AD version (3.0.1) and I can see several errors : 01-27-2021 15:12:23.900 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" ERROR'access_token' 01-27-2021 15:12:23.853 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" KeyError: 'access_token' 01-27-2021 15:12:23.853 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" return response['access_token'] 01-27-2021 15:12:23.853 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" File "/opt/splunk/etc/apps/TA-MS-AAD/bin/ta_azure_utils/auth.py", line 59, in _get_access_token 01-27-2021 15:12:23.853 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" raise e 01-27-2021 15:12:23.853 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" File "/opt/splunk/etc/apps/TA-MS-AAD/bin/ta_azure_utils/auth.py", line 61, in _get_access_token 01-27-2021 15:12:23.853 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" return _get_access_token(endpoint, helper, payload) 01-27-2021 15:12:23.853 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" File "/opt/splunk/etc/apps/TA-MS-AAD/bin/ta_azure_utils/auth.py", line 51, in get_mgmt_access_token 01-27-2021 15:12:23.853 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" raise e 01-27-2021 15:12:23.853 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" File "/opt/splunk/etc/apps/TA-MS-AAD/bin/ta_azure_utils/auth.py", line 53, in get_mgmt_access_token 01-27-2021 15:12:23.853 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" access_token = azauth.get_mgmt_access_token(client_id, client_secret, tenant_id, environment, helper) 01-27-2021 15:12:23.853 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" File "/opt/splunk/etc/apps/TA-MS-AAD/bin/input_module_azure_comp.py", line 47, in collect_events 01-27-2021 15:12:23.853 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" input_module.collect_events(self, ew) 01-27-2021 15:12:23.853 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" File "/opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py", line 108, in collect_events 01-27-2021 15:12:23.853 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" self.collect_events(ew) 01-27-2021 15:12:23.853 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" File "/opt/splunk/etc/apps/TA-MS-AAD/bin/ta_ms_aad/aob_py3/modinput_wrapper/base_modinput.py", line 128, in stream_events 01-27-2021 15:12:23.853 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" Traceback (most recent call last): 01-27-2021 15:09:30.187 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" ERROR'access_token' 01-27-2021 15:09:30.126 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" Key Error: 'access_token' 01-27-2021 15:09:30.126 +0000 ERROR ExecProcessor - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-MS-AAD/bin/azure_comp.py" return response['access_token'] I checked the settings and all is right, BUT I does not indexing computing logs. Nothing goes back in splunk from compute input. The older version produce same error logs. Can you help me ?