Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Just installed SA-Eventgen and get the following error: Unable to initialize modular input "modinput_eventgen" defined inside the app "SA-Eventgen": Introspecting scheme=modinput_eventgen: script running failed (exited with code 1)

scaglietti
New Member
‎06-10-2018 02:09 PM

Unable to initialize modular input "modinput_eventgen" defined inside the app "SA-Eventgen": Introspecting scheme=modinput_eventgen: script running failed (exited with code 1)

Tags (1)
0 Karma
Reply

mvohra_arcusdat
Explorer
‎11-04-2019 04:45 AM

I get this error when run on Splunk 8.0 (installed on Ubuntu 16.0.4 LTS):

Traceback (most recent call last):
  File "../etc/apps/SA-Eventgen/bin/modinput_eventgen.py", line 15, in <module>
    from splunk_eventgen import eventgen_core  # noqa isort:skip
ImportError: No module named splunk_eventgen

This is a fresh Splunk install on a sandbox and nothing else is running/installed on the Splunk instance.

0 Karma
Reply

guythomasdavis
Explorer
‎07-04-2018 09:20 AM

Assuming you are on a Windows system here is what I had to do to get things working:

In the app directory for eventgen which on my system is c:\program\files\splunk\etc\apps\sa-eventgen I had to go into the bin directory and edit the modinput_eventgen.py file and comment out line 141.

if name == 'main':
#signal.signal(signal.SIGPIPE, handler)
worker = Eventgen()
worker.execute()

sys.exit(0)

The singal.SIGPIPE attr isn't valid on windows (assuming its fine in Linux installs)

I then had to restart Splunk and in Settings->Data Inputs enable the SA-Eventgen data input.

That's it. After that I made some dumb mistakes but it is working now. If you have any questions or other problems I've probably been through them all so would be glad to help...

On the plus side, I learned a lot about troubleshooting which I'm sure will serve me well in the future!

Reply

paullallen1
New Member
‎06-13-2018 06:12 AM

I'm running 7.1.1 and have exactly the same issue. So any fix would be appreciated?

0 Karma
Reply

guythomasdavis
Explorer
‎07-03-2018 02:44 PM

Hey how about some help with this... pretty annoying that this isn't working, when running splunk python agains modinput py file this is the result:

splunk cmd python ..\etc\apps\SA-Eventgen\bin\modinput_eventgen.py
Traceback (most recent call last):
File "..\etc\apps\SA-Eventgen\bin\modinput_eventgen.py", line 141, in
signal.signal(signal.SIGPIPE, handler)
AttributeError: 'module' object has no attribute 'SIGPIPE'

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk APM & RUM | Upcoming Planned Maintenance

There will be planned maintenance of the streaming infrastructure for Splunk APM and Splunk RUM in the coming ...

Part 2: Diving Deeper With AIOps

Getting the Most Out of Event Correlation and Alert Storm Detection in Splunk IT Service Intelligence   Watch ...

User Groups | Upcoming Events!

If by chance you weren't already aware, the Splunk Community is host to numerous User Groups, organized ...