Installation
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

instal splunk soar, error can't read /etc/redhat-release

bambarita
Observer
‎03-19-2024 09:12 AM

does anyone ever know this issue,

I use centos8 stream to install soar 6.2.0 onprem,

but it can't read /etc/redhat-release

[phantom@10 splunk-soar]$ ./soar-prepare-system --splunk-soar-home /opt/splunk-soar/ --https-port 443
Detailed logs will be located at /opt/splunk-soar/var/log/phantom/phantom_install_log
Preparing system for installation of Splunk SOAR 6.2.0.355
Unable to read CentOS/RHEL version from /etc/redhat-release.
Traceback (most recent call last):
File "/opt/splunk-soar/./soar-prepare-system", line 93, in main
pre_installer.run()
File "/opt/splunk-soar/install/deployments/deployment.py", line 132, in run
self.run_pre_deploy()
File "/opt/splunk-soar/usr/python39/lib/python3.9/contextlib.py", line 79, in inner
return func(*args, **kwds)
File "/opt/splunk-soar/install/deployments/deployment.py", line 146, in run_pre_deploy
plan = DeploymentPlan.from_spec(self.spec, self.options)
File "/opt/splunk-soar/install/deployments/deployment_plan.py", line 51, in from_spec
deployment_operations=[_type(options) for _type in deployment_operations],
File "/opt/splunk-soar/install/deployments/deployment_plan.py", line 51, in <listcomp>
deployment_operations=[_type(options) for _type in deployment_operations],
File "/opt/splunk-soar/install/operations/optional_tasks/rpm_packages.py", line 53, in __init__
self.rpm_checker = RpmChecker(self.get_rpm_packages(), self.shell)
File "/opt/splunk-soar/install/operations/optional_tasks/rpm_packages.py", line 63, in get_rpm_packages
if get_os_family() == OsFamilyType.el7:
File "/opt/splunk-soar/install/install_common.py", line 340, in get_os_family
os_version = get_os_version()
File "/opt/splunk-soar/install/install_common.py", line 326, in get_os_version
return _get_centos_and_rhel_version()
File "/opt/splunk-soar/install/install_common.py", line 315, in _get_centos_and_rhel_version
raise InstallError("Unable to read CentOS/RHEL version from /etc/redhat-release.")
install.install_common.InstallError: Unable to read CentOS/RHEL version from /etc/redhat-release.
Pre-install failed.

 

while I open the /etc/redhat-release

[phantom@10 splunk-soar]$ cat /etc/redhat-release
NAME="CentOS stream"
VERSION="8"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="8"
PLATFORM_ID="platform:el8"
PRETTY_NAME="CentOS Stream 8"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:8"
HOME_URL="https://centos.org/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux 8"
REDHAT_SUPPORT_PRODUCT_VERSION="CentOS Stream"

 

welcome for any suggestion

Labels (2)
Labels
Tags (2)
0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎03-19-2024 10:39 AM
Hi
I’m not sure, but my expectation is that as Centos 8 isn’t supported (https://docs.splunk.com/Documentation/SOARonprem/6.2.0/Install/InstallUnprivileged), it cannot parse correctly content of this file.
r. Ismo
0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Get the T-shirt to Prove You Survived Splunk University Bootcamp

As if Splunk University, in Las Vegas, in-person, with three days of bootcamps and labs weren’t enough, now ...

Wondering How to Build Resiliency in the Cloud?

IT leaders are choosing Splunk Cloud as an ideal cloud transformation platform to drive business resilience,  ...