Re: Getting error with Microsoft Azure Add on for ...

jabbene00 · ‎05-08-2020

Just installed both versions of Microsoft Azure Add on for Splunk on Heavy forwarder.

When I open the inputs area nothing happens, just spins. Eventually, the following error shows up in messages:

Unable to initialize modular input "azure_event_hub" defined in the app "TA-MS-AAD": Introspecting scheme=azure_event_hub: script running failed (exited with code 1)

Any assistance would be great.

cnuguri_ncc · ‎12-08-2020

I have this error on Mac OS too, Tried on Splunk 8.0 and 8.1, with Add-on 3.0.1. 😐

Edit: Actually my error is slightly different, I get the below when adding the input, and input is not created

Argument validation for scheme=azure_event_hub failed: The script returned with exit status 1.

jconger · ‎05-08-2020

The Event Hub input does not currently work on Windows. See the About platforms section here -> https://splunkbase.splunk.com/app/3757/#/details

It has to do with the Python library used to ingest Event Hub data. A new version is in development for Splunk 8 and should include Windows support for the Event Hub input as well.

jconger · ‎05-08-2020

What OS is your HWF?

jabbene00 · ‎05-08-2020

Windows 2016

jabbene00 · ‎05-08-2020

HF is
Splunk Enterprise
Version:
8.0.3
Build:
a6754d8441bf

Getting error with Microsoft Azure Add on for Splunk: Unable to initialize modular input "azure_event_hub" defined in the app TA-MS-AAD.

Index This | I’m short for "configuration file.” What am I?

New Articles from Academic Learning Partners, Help Expand Lantern’s Use Case Library, ...

Your Guide to SPL2 at .conf24!