I have installed the CISCO AMP CIM add-on and the CISCo Add-on for AMP for EndPoints inputs. I can create the inupts but I am not getting any data in Splunk.
I keep getting the following messages in the amp4e_events_input.log:
Connected. Starting to consume.
2018-01-15 15:28:39,399 INFO Amp4eEvents - Received response from ApiService (200)
2018-01-15 15:34:46,357 WARNING Amp4eEvents - Connection error (1516048486.36, : The AMQP connection was closed: ())! Reconnecting in about 3 seconds.
I have seen multiple INFO Amp4eEvents - Received response from ApiService (200) messages but I see no data in Splunk.
Any help anyone can offer is greatly appreciated.
... View more
The error we are getting:
Exception: java.lang.RuntimeException: Failed to get driver instance for jdbcUrl=jdbc:netezza://10.121.10.232:5480/AMBER_DB
2016-10-05T10:43:10-0400 [ERROR] [rh_connections.py], line 225: exception java.lang.RuntimeException: Failed to get driver instance for jdbcUrl=jdbc:netezza://10.121.10.232:5480/AMBER_DB
The Netezza stanza in the connection_type.conf
displayName = Netezza
serviceClass = com.splunk.dbx2.postgres.PostgresJDBC
jdbcUrlFormat = jdbc:netezza://:/
jdbcDriverClass = org.netezza.Driver
The driver is in the
Successfullly tested the jdbc using java command.
Any insight anyone can offer is greatly appreciated.
... View more