I am able to set up Splunk in OpenShift and install splunk-connect using helm. I did create indexes and enable HEC (HTTP Event Collector) and created a HEC token. Splunk HEC values.yaml is completed with appropriate values. All pods are up and running but i am seeing no OpenShift logs in Splunk. Error I am seeing
use_rest_client_ssl true
1282
cluster_name openshiftlab
1283
interval 15s
1284
</source> is not used.
1285
2022-08-19 13:22:22 +0000 [info]: #0 starting fluentd worker pid=186 ppid=1 worker=0
1286
2022-08-19 13:22:22 +0000 [error]: #0 unexpected error error_class=RestClient::SSLCertificateNotVerified error="SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate)"
1287
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/rest-client-2.1.0/lib/restclient/request.rb:776:in `rescue in transmit'
1288
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/rest-client-2.1.0/lib/restclient/request.rb:651:in `transmit'
1289
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/rest-client-2.1.0/lib/restclient/request.rb:163:in `execute'
1290
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/rest-client-2.1.0/lib/restclient/request.rb:63:in `execute'
1291
2022-08-19 13:22:22 +0000 [error]: #0 /opt/app-root/src/gem/fluent-plugin-kubernetes-metrics-1.2.0/lib/fluent/plugin/in_kubernetes_metrics.rb:695:in `is_stats_endpoint_available?'
1292
2022-08-19 13:22:22 +0000 [error]: #0 /opt/app-root/src/gem/fluent-plugin-kubernetes-metrics-1.2.0/lib/fluent/plugin/in_kubernetes_metrics.rb:95:in `start'
1293
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/fluentd-1.15.1/lib/fluent/root_agent.rb:203:in `block in start'
1294
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/fluentd-1.15.1/lib/fluent/root_agent.rb:192:in `block (2 levels) in lifecycle'
1295
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/fluentd-1.15.1/lib/fluent/root_agent.rb:191:in `each'
1296
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/fluentd-1.15.1/lib/fluent/root_agent.rb:191:in `block in lifecycle'
1297
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/fluentd-1.15.1/lib/fluent/root_agent.rb:178:in `each'
1298
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/fluentd-1.15.1/lib/fluent/root_agent.rb:178:in `lifecycle'
1299
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/fluentd-1.15.1/lib/fluent/root_agent.rb:202:in `start'
1300
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/fluentd-1.15.1/lib/fluent/engine.rb:248:in `start'
1301
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/fluentd-1.15.1/lib/fluent/engine.rb:147:in `run'
1302
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/fluentd-1.15.1/lib/fluent/supervisor.rb:760:in `block in run_worker'
1303
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/fluentd-1.15.1/lib/fluent/supervisor.rb:1036:in `main_process'
1304
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/fluentd-1.15.1/lib/fluent/supervisor.rb:751:in `run_worker'
1305
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/fluentd-1.15.1/lib/fluent/command/fluentd.rb:386:in `<top (required)>'
1306
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/fluentd-1.15.1/bin/fluentd:15:in `require'
1307
2022-08-19 13:22:22 +0000 [error]: #0 /usr/share/gems/gems/fluentd-1.15.1/bin/fluentd:15:in `<top (required)>'
1308
2022-08-19 13:22:22 +0000 [error]: #0 /usr/bin/fluentd:23:in `load'
1309
2022-08-19 13:22:22 +0000 [error]: #0 /usr/bin/fluentd:23:in `<main>'
1310
2022-08-19 13:22:22 +0000 [error]: #0 unexpected error error_class=RestClient::SSLCertificateNotVerified error="SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate)"
Did you try setting
insecureSSL: truein thevalues.yamlfile and then redeploying?