[BUG] Can't compile on OSX

[Scoubi]

Describe the bug Library conflict.

ERROR: Cannot install splunk-eventgen and splunk-eventgen==7.2.1 because these package versions have conflicting dependencies.

The conflict is caused by:
    splunk-eventgen 7.2.1 depends on urllib3==1.24.2
    requests 2.19.1 depends on urllib3<1.24 and >=1.21.1
    splunk-eventgen 7.2.1 depends on urllib3==1.24.2
    requests 2.19.0 depends on urllib3<1.24 and >=1.21.1
    splunk-eventgen 7.2.1 depends on urllib3==1.24.2
    requests 2.18.4 depends on urllib3<1.23 and >=1.21.1

To fix this you could try to:
1. loosen the range of package versions you've specified
2. remove package versions to allow pip attempt to solve the dependency conflict

ERROR: ResolutionImpossible: for help visit https://pip.pypa.io/en/latest/topics/dependency-resolution/#dealing-with-dependency-conflicts

To Reproduce Steps to reproduce the behavior:

$ git clone https://www.github.com/splunk/eventgen.git
$ cd eventgen
$ poetry --version
Poetry (version 1.4.2)
$ poetry build
Building splunk_eventgen (7.2.1)
  - Building sdist
  - Built splunk_eventgen-7.2.1.tar.gz
  - Building wheel
  - Built splunk_eventgen-7.2.1-py3-none-any.whl
$ pip install dist/splunk_eventgen-7.2.1.tar.gz
ERROR: Cannot install splunk-eventgen and splunk-eventgen==7.2.1 because these package versions have conflicting dependencies.

The conflict is caused by:
    splunk-eventgen 7.2.1 depends on urllib3==1.24.2
    requests 2.19.1 depends on urllib3<1.24 and >=1.21.1
    splunk-eventgen 7.2.1 depends on urllib3==1.24.2
    requests 2.19.0 depends on urllib3<1.24 and >=1.21.1
    splunk-eventgen 7.2.1 depends on urllib3==1.24.2
    requests 2.18.4 depends on urllib3<1.23 and >=1.21.1

To fix this you could try to:
1. loosen the range of package versions you've specified
2. remove package versions to allow pip attempt to solve the dependency conflict

ERROR: ResolutionImpossible: for help visit https://pip.pypa.io/en/latest/topics/dependency-resolution/#dealing-with-dependency-conflicts

**Expected behavior**
I expect the package to compile

**Actual behavior**
Package do not compile because of urllib version requirement conflicts

**Screenshots**
All terminal out put

**Sample files and eventgen.conf file**
Did not modify

**Additional context**
Running on OSX.
Install poetry via `brew`

I tried to change urllib3 version pin to 1.14 in both `splunk_eventgen/lib/requirements.txt` and `./poetry.lock` with no success

[shimonShouei]

I got this problem too

[ugle1]

Experiencing the same issue on a RHEL 8.8 installation, in a Python 3.9 virtual environment. I've tested poetry build when cloning both the develop branch and the master branch. Same issue in both cases. I have also attempted tweaks to requirements.txt and the poetry.lock file. Would like to use eventgen outside of Splunk so would be nice to get some help.

[ugle1]

After much troubleshooting, this is a way that worked for me:

python3.8 -m venv ".eventgen"
source ~/.eventgen/bin/activate
pip install --upgrade pip
pip install --upgrade requests==2.20.0
pip install --upgrade urllib3==1.24.2

Install poetry through running: curl -sSL https://install.python-poetry.org/ | python Source for the command: https://github.com/python-poetry/poetry

Clone the repo: git clone https://github.com/splunk/eventgen.git

Make the following changes to eventgen/pyproject.toml:

index fd78884..00c29f8 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -29,8 +29,8 @@ python = "^3.7"
 docker = "^3.7.3"
 pyOpenSSL = "^19.1.0"
 lxml = "^4.3.5"
-boto3 = "^1.12.45"
-requests = "^2.18.4"
+boto3 = "1.12.45"
+requests = "^2.20.0"
 requests-futures = "1.0.0"
 redis = "3.3.10"
 Flask = "^1.0.3"

Run this in the eventgen git repo root directory:

poetry build (or ~/.local/bin/poetry build)
cd dist
pip install splunk_eventgen-7.2.1.tar.gz

It should build fine and splunk_eventgen should be a valid command.

[ugle1]

After much troubleshooting, this is a way that worked for me:

python3.8 -m venv ".eventgen"
source ~/.eventgen/bin/activate
pip install --upgrade pip
pip install --upgrade requests==2.20.0
pip install --upgrade urllib3==1.24.2

Install poetry through running: curl -sSL https://install.python-poetry.org/ | python Source for the command: https://github.com/python-poetry/poetry

Clone the repo: git clone https://github.com/splunk/eventgen.git

Make the following changes to eventgen/pyproject.toml:

index fd78884..00c29f8 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -29,8 +29,8 @@ python = "^3.7"
 docker = "^3.7.3"
 pyOpenSSL = "^19.1.0"
 lxml = "^4.3.5"
-boto3 = "^1.12.45"
-requests = "^2.18.4"
+boto3 = "1.12.45"
+requests = "^2.20.0"
 requests-futures = "1.0.0"
 redis = "3.3.10"
 Flask = "^1.0.3"

Run this in the eventgen git repo root directory:

poetry build (or ~/.local/bin/poetry build)
cd dist
pip install splunk_eventgen-7.2.1.tar.gz

It should build fine and splunk_eventgen should be a valid command.

I am afraid my workaround malfunctions. It seems it is not possible to forward logs through the local heavy forwarder. Guess there's more to it.

[benbramley]

I was able to get it working in Docker using the following (hacky) Dockerfile:

FROM --platform=linux/x86-64 python:3.8.5

RUN git clone https://www.github.com/splunk/eventgen
WORKDIR /eventgen
RUN git checkout master
RUN curl -sSL https://install.python-poetry.org | python3 -
RUN /root/.local/bin/poetry build
RUN pip install dist/splunk_eventgen-7.2.1.tar.gz
RUN pip install markupsafe==2.0.1

Then run the following command from the directory where the Dockerfile is:

docker build -t eventgen .

Then run:

docker run --rm -t -i eventgen:latest /bin/bash

From the resulting shell you can then run the splunk_eventgen command line.

Am able to push events to the HEC using this method from my Mac

[xenogloss]

Same issue. A new release would be appreciated.
DISTRIB_ID=Ubuntu DISTRIB_RELEASE=23.10 DISTRIB_CODENAME=mantic DISTRIB_DESCRIPTION="Ubuntu 23.10" PRETTY_NAME="Ubuntu 23.10"

[accidentalrebel]

I've spent hours trying to get this to work. Your comment did the trick. https://github.com/splunk/eventgen/issues/473#issuecomment-1925188477