All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

how to resolve splunk permission denied for snmp port 162?

kiran331
Builder
‎01-03-2018 08:56 AM

Hi,

I'm trying to configure snmp modular input to listen snmp traps, I see the permission denied error in internal logs for snmp. We are using RHEL, how to use ip tables to route to different port? OR is there any other way to resolve this one?

0 Karma
Reply

Damien_Dallimor
Ultra Champion
‎01-03-2018 02:05 PM

You are most likely not running Splunk with a user that has permission for opening ports < 1024
Mentioned inline in the annotation for the port field on the setup page.

alt text

Preview file
60 KB
0 Karma
Reply

gmchenry
Explorer
‎01-03-2018 12:59 PM

What version of RHEL are you using? If you are using 7 or higher then you can just use the firewalld service and firewall-cmd to enable it.

NOTE: Make sure that all your host firewall rules aren't already using iptables.

if not already, enable firewalld
# systemctl start firewalld

Then start firewalld
# systemctl start firewalld

Just add the ports/services that you want to allow in:
# firewall-cmd --add-service=snmp --perm
(note: the --perm option makes it permanent after reloading)

Now just reload the firewall rules and you should be good to go.
# firewall-cmd --reload

To doublecheck that it was added, just run:
# firewall-cmd --list-services

You should now see "snmp" as one of the services.

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Data Persistence in the OpenTelemetry Collector

This blog post is part of an ongoing series on OpenTelemetry. What happens if the OpenTelemetry collector ...

Introducing Splunk 10.0: Smarter, Faster, and More Powerful Than Ever

Now On Demand Whether you're managing complex deployments or looking to future-proof your data ...

Community Content Calendar, September edition

Welcome to another insightful post from our Community Content Calendar! We're thrilled to continue bringing ...