Thank you for the kind reply. We have an Elasticsearch setup without authentication and without certificates, so I tried to comment out the stanza as you suggested:

use_ssl = 0
# opt_ca_certs_path =

but no success 😞

Then I decided to go into the Python scripts and try to comment out the cert (strip) line in /opt/splunk/etc/apps/TA-elasticsearch-data-integrator---modular-input/bin/input_module_elasticsearch_json.py:

#opt_ca_certs_path = opt_ca_certs_path.strip()

Now I get another SSL error in the log:

2025-06-11 12:00:03,503 ERROR pid=2813813 tid=MainThread file=base_modinput.py:log_error:309 | Get error when collecting events.
Traceback (most recent call last):
  File "/opt/splunk/etc/apps/TA-elasticsearch-data-integrator---modular-input/bin/ta_elasticsearch_data_integrator_modular_input/aob_py3/modinput_wrapper/base_modinput.py", line 128, in stream_events
    self.collect_events(ew)
  File "/opt/splunk/etc/apps/TA-elasticsearch-data-integrator---modular-input/bin/elasticsearch_json.py", line 96, in collect_events
    input_module.collect_events(self, ew)
  File "/opt/splunk/etc/apps/TA-elasticsearch-data-integrator---modular-input/bin/input_module_elasticsearch_json.py", line 153, in collect_events
    results = search_index(opt_elasticsearch_instance_url, opt_port, opt_user, opt_secret, opt_elasticsearch_indice, opt_date_field_name, opt_time_preset, size, from_number, opt_ca_certs_path)
  File "/opt/splunk/etc/apps/TA-elasticsearch-data-integrator---modular-input/bin/input_module_elasticsearch_json.py", line 102, in search_index
    response = client.search(**search_params, scroll="1m")
  File "/opt/splunk/etc/apps/TA-elasticsearch-data-integrator---modular-input/bin/ta_elasticsearch_data_integrator_modular_input/elasticsearch/_sync/client/utils.py", line 414, in wrapped
    return api(*args, **kwargs)
  File "/opt/splunk/etc/apps/TA-elasticsearch-data-integrator---modular-input/bin/ta_elasticsearch_data_integrator_modular_input/elasticsearch/_sync/client/__init__.py", line 3859, in search
    return self.perform_request( # type: ignore[return-value]
  File "/opt/splunk/etc/apps/TA-elasticsearch-data-integrator---modular-input/bin/ta_elasticsearch_data_integrator_modular_input/elasticsearch/_sync/client/_base.py", line 285, in perform_request
    meta, resp_body = self.transport.perform_request(
  File "/opt/splunk/etc/apps/TA-elasticsearch-data-integrator---modular-input/bin/ta_elasticsearch_data_integrator_modular_input/elastic_transport/_transport.py", line 329, in perform_request
    meta, raw_data = node.perform_request(
  File "/opt/splunk/etc/apps/TA-elasticsearch-data-integrator---modular-input/bin/ta_elasticsearch_data_integrator_modular_input/elastic_transport/_node/_http_urllib3.py", line 199, in perform_request
    raise err from None
elastic_transport.TlsError: TLS error caused by: TlsError(TLS error caused by: SSLError([SSL: UNKNOWN_PROTOCOL] unknown protocol (_ssl.c:1161)))

If anyone has managed to onboard Elasticsearch data without authentication or certificate validation, please advise.
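
Added example, not part of the original post or the add-on's code: an `UNKNOWN_PROTOCOL` or `WRONG_VERSION_NUMBER` failure is what a TLS client typically reports when the listener answers in plain HTTP, so this probe checks which protocol a host and port actually speak before the input is configured. `probe_scheme`, `PlainHTTPStub` and `demo` are hypothetical names, and the stub listener is constructed for the demonstration.

```python
import socket
import socketserver
import ssl
import threading


def probe_scheme(host, port, timeout=3.0):
    """Return (scheme, tls_error): 'https', 'http' or 'unknown', plus the TLS failure text."""
    ctx = ssl.create_default_context()
    # Protocol detection only: no data is sent over this TLS session.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    tls_error = None
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw):
                return "https", None
    except OSError as exc:  # ssl.SSLError and timeouts are OSError subclasses
        tls_error = str(exc)
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            raw.sendall(b"GET / HTTP/1.0\r\n\r\n")
            if raw.recv(16).startswith(b"HTTP/"):
                return "http", tls_error
    except OSError:
        pass
    return "unknown", tls_error


class PlainHTTPStub(socketserver.BaseRequestHandler):
    """Constructed stand-in for a listener with TLS disabled (not Elasticsearch)."""

    def handle(self):
        self.request.recv(4096)  # a ClientHello or a GET, answered the same way
        self.request.sendall(b"HTTP/1.0 400 Bad Request\r\nContent-Length: 0\r\n\r\n")


def demo():
    """Probe the constructed plaintext stub on a free loopback port."""
    with socketserver.TCPServer(("127.0.0.1", 0), PlainHTTPStub) as srv:
        threading.Thread(target=srv.serve_forever, daemon=True).start()
        try:
            return probe_scheme("127.0.0.1", srv.server_address[1])
        finally:
            srv.shutdown()


if __name__ == "__main__":
    print(demo())
```

A result of `http` together with a non-empty TLS error means the client is attempting a handshake against a plaintext port.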