Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Not working for Splunk version 8.2 #3

Closed
aloysiuschee opened this issue Jul 22, 2021 · 5 comments
Closed

Not working for Splunk version 8.2 #3

aloysiuschee opened this issue Jul 22, 2021 · 5 comments

Comments

@aloysiuschee
Copy link

The configuration page was unable to load and errors found in log
REST Error [500]: Internal Server Error -- Traceback (most recent call last):\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/splunktaucclib/rest_handler/handler.py", line 117,
@hRun
Copy link
Owner

hRun commented Jul 22, 2021

Hi aloysiuschee,

Unfortunately I am unable to reproduce this issue on a linux machine runnning Splunk 8.2.1 and add-on version 2.0.2. Would you kindly share some more details on the platform and versions you're using and under which circumstances this issue occurs?

Cheers,
hRun

@aloysiuschee
Copy link
Author

below is the extract of the error appearing in the Splunk log when I am trying to load the configuration page.

+0000 ERROR AdminManagerExternal [2483422 TcpChannelThread] - Stack trace from python handler:\nTraceback (most recent call last):\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/splunktaucclib/rest_handler/handler.py", line 117, in wrapper\n for name, data, acl in meth(self, *args, **kwargs):\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/splunktaucclib/rest_handler/handler.py", line 303, in _format_response\n masked = self.rest_credentials.decrypt_for_get(name, data)\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/splunktaucclib/rest_handler/credentials.py", line 188, in decrypt_for_get\n clear_password = self._get(name)\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/splunktaucclib/rest_handler/credentials.py", line 393, in _get\n string = mgr.get_password(user=context.username())\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/solnlib/utils.py", line 159, in wrapper\n return func(*args, **kwargs)\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/solnlib/credentials.py", line 118, in get_password\n all_passwords = self._get_all_passwords()\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/solnlib/utils.py", line 159, in wrapper\n return func(*args, **kwargs)\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/solnlib/credentials.py", line 272, in _get_all_passwords\n clear_password += field_clear[index]\nTypeError: can only concatenate str (not "NoneType") to str\n\nDuring handling of the above exception, another exception occurred:\n\nTraceback (most recent call last):\n File "/opt/splunk/lib/python3.7/site-packages/splunk/admin.py", line 151, in init\n hand.execute(info)\n File "/opt/splunk/lib/python3.7/site-packages/splunk/admin.py", line 637, in execute\n if self.requestedAction == ACTION_LIST: self.handleList(confInfo)\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/splunk_aoblib/rest_migration.py", line 39, in handleList\n AdminExternalHandler.handleList(self, confInfo)\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/splunktaucclib/rest_handler/admin_external.py", line 40, in wrapper\n for entity in result:\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/splunktaucclib/rest_handler/handler.py", line 124, in wrapper\n raise RestError(500, traceback.format_exc())\nsplunktaucclib.rest_handler.error.RestError: REST Error [500]: Internal Server Error -- Traceback (most recent call last):\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/splunktaucclib/rest_handler/handler.py", line 117, in wrapper\n for name, data, acl in meth(self, *args, **kwargs):\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/splunktaucclib/rest_handler/handler.py", line 303, in _format_response\n masked = self.rest_credentials.decrypt_for_get(name, data)\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/splunktaucclib/rest_handler/credentials.py", line 188, in decrypt_for_get\n clear_password = self._get(name)\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/splunktaucclib/rest_handler/credentials.py", line 393, in _get\n string = mgr.get_password(user=context.username())\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/solnlib/utils.py", line 159, in wrapper\n return func(*args, **kwargs)\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/solnlib/credentials.py", line 118, in get_password\n all_passwords = self._get_all_passwords()\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/solnlib/utils.py", line 159, in wrapper\n return func(*args, **kwargs)\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/solnlib/credentials.py", line 272, in _get_all_passwords\n clear_password += field_clear[index]\nTypeError: can only concatenate str (not "NoneType") to str\n\n

+0000 ERROR AdminManagerExternal [2483422 TcpChannelThread] - Unexpected error "<class 'splunktaucclib.rest_handler.error.RestError'>" from python handler: "REST Error [500]: Internal Server Error -- Traceback (most recent call last):\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/splunktaucclib/rest_handler/handler.py", line 117, in wrapper\n for name, data, acl in meth(self, *args, **kwargs):\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/splunktaucclib/rest_handler/handler.py", line 303, in _format_response\n masked = self.rest_credentials.decrypt_for_get(name, data)\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/splunktaucclib/rest_handler/credentials.py", line 188, in decrypt_for_get\n clear_password = self._get(name)\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/splunktaucclib/rest_handler/credentials.py", line 393, in _get\n string = mgr.get_password(user=context.username())\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/solnlib/utils.py", line 159, in wrapper\n return func(*args, **kwargs)\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/solnlib/credentials.py", line 118, in get_password\n all_passwords = self._get_all_passwords()\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/solnlib/utils.py", line 159, in wrapper\n return func(*args, **kwargs)\n File "/opt/splunk/etc/apps/SA-haveibeenpwned/bin/sa_haveibeenpwned/aob_py3/solnlib/credentials.py", line 272, in _get_all_passwords\n clear_password += field_clear[index]\nTypeError: can only concatenate str (not "NoneType") to str\n". See splunkd.log/python.log for more details.

@hRun
Copy link
Owner

hRun commented Jul 25, 2021

Hi aloysiuschee,

I am unable to reproduce your issue and suspect it is not a problem with the app's code but rather a configured password or api key failing to be decrypted. This seems to be a known issue when copying an app (or rather it's local/passwords.conf) from one Splunk instance to another when these two servers don't share the same splunk.secret. See for example: https://community.splunk.com/t5/All-Apps-and-Add-ons/CrowdStrike-app-fails-Fail-to-decrypt-the-encrypted-credential/m-p/469486. Removing SA-haveibeenpwned/local/passwords.conf, restarting the Splunk instance and then providing the API key anew via the configuration page should fix your issue.

Best Regards,
hRun

@aloysiuschee
Copy link
Author

Hi hRun,

Since the configuration page was unable to complete the initial load up, I was unable to even enter the API key and hence there is no SA-haveibeenpwned/local/passwords.conf created.

@hRun
Copy link
Owner

hRun commented Jul 27, 2021

Hi,

Thanks for the feedback. Unfortunately I am still unable to reproduce the issue. I've now repackaged the add-on using the latest Splunk Add-On Builder version, which is something Splunk recently asked all developers to do anyways to ensure compatibility with upcoming Splunk releases. This seems to also have changed some of the files related to your issue and might fix it for you. I am afraid this is all I can do to support you, as the whole configuration page and key handling relies on code auto-generated by the Splunk Add-On builder and cannot be touched by me without breaking Splunk's EULA. I'll release the update on Splunkbase shortly, so you can update from within your Splunk web interface.

Best Regards,
hRun

@hRun hRun closed this as completed Jul 27, 2021
@pabloperezj pabloperezj mentioned this issue Sep 27, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hRun @aloysiuschee