In TrueSight Capacity Optimization (TSCO) Moviri Splunk ETL fails with this message: Detected an abnormal ETL termination. Reason: java.lang.RuntimeException: Received fatal alert: protocol_version

Knowledge Article

In TrueSight Capacity Optimization (TSCO) Moviri Splunk ETL fails with this message: Detected an abnormal ETL termination. Reason: java.lang.RuntimeException: Received fatal alert: protocol_version
In TSCO, Moviri Splunk ETL fails with this message: Detected an abnormal ETL termination. Reason: java.lang.RuntimeException: Received fatal alert: protocol_version
TrueSight Capacity Optimization
Capacity Optimization
TrueSight Capacity Optimization 10.7.01.11.X
TrueSight Capacity Optimization
Capacity Optimization
TrueSight Capacity Optimization 10.7.01.11.X
Configured a Splunk ETL in environment but it fails after a Splunk Search Heads upgrade to 6.3.3

<----cut---->
[2018-01-12 09:21:41] INFO Splunk Connector Core:  using SSL security protocol TLSv1
[2018-01-12 09:21:41] FAILED BCO_ETL_ERR011: Detected an abnormal ETL termination. Reason: java.lang.RuntimeException: Received fatal alert: protocol_version
    at com.splunk.HttpService.send(HttpService.java:409)
    at com.splunk.Service.send(Service.java:1293)
    at com.splunk.HttpService.post(HttpService.java:308)
    at com.splunk.Service.login(Service.java:1122)
    at com.splunk.Service.login(Service.java:1101)
    at com.splunk.Service.connect(Service.java:187)
    at ETL.util.SplunkCoreME.connect(SplunkCoreME.java:137)
    at com.neptuny.cpit.etl.Engine.start(Engine.java:129)
    at com.neptuny.cpit.etl.ETLrun.main(ETLrun.java:171)
Caused by: javax.net.ssl.SSLException: Received fatal alert: protocol_version
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
    at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2023)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1125)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
    at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1283)
    at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1258)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
    at com.splunk.HttpService.send(HttpService.java:403)
    ... 8 more
<----cut---->
Make sure have selected the correct protocol TLSv1.2 on the ETL as TLSv1 is obsolete in Java 1.8. So,the ETL configuration was set to use TLSv1.

For Java 1.8, which is the version used by TSCO 10.7.01, the default TLS protocol is v1.2.

Java 1.6 and 1.7 default is obsoleted TLS1.0.
 

User-added image
TrueSight Capacity Optimization
Capacity Optimization
TrueSight Capacity Optimization 10.7.01.11.X
Attachment(s):