×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
mbattaglia
Engager
Member since: ‎04-15-2011
‎06-05-2020
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 2
Member Since ‎04-15-2011
Activity Feed
Topics I've Started
View All

Problem mionitor cisco IPS

by in Monitoring Splunk
‎08-01-2011 06:25 AM
2 Karma
‎08-01-2011 06:25 AM
2 Karma
I have a problem to monitor the module Cisco IPS ASA5585-SSP-IPS10 From the IPS I see this error ; the state remain in state Read Pending; sub-8-9480fcb4 State = Read Pending Last Read Time = 13:22:42 UTC Mon Aug 01 2011 Last Read Time (nanoseconds) = 1312204962229391000 From the splunk server I see this error: tail -f /opt/splunk/var/log/splunk/sdee_get.log Fri Jul 29 14:26:45 2011 - ERROR - Exception thrown while parsing SDEE payload: Traceback (most recent call last): File "/opt/splunk/etc/apps/Splunk_CiscoIPS/bin/get_ips_feed.py", line 74, in run alert_obj_list = idsmxml.parse_alerts( result_xml ) File "/opt/splunk/etc/apps/Splunk_CiscoIPS/bin/pysdee/idsmxml.py", line 243, in parse_alerts alert_obj.signature = build_sig(sig[0]) File "/opt/splunk/etc/apps/Splunk_CiscoIPS/bin/pysdee/idsmxml.py", line 190, in build_sig signature.marscategory = node.getElementsByTagName('marsCategory')[0].firstChild.wholeText IndexError: list index out of range There's a solution to resolve this problem? ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:02 AM
Karma from
View All