Archive
Highlighted

Run Splunk Universal forwarder 6.3.4 on linux with defaultPort disabled

New Member

I have installed the Splunk Universal Forwarder version 6.3.4 on a RedHat 7.1 server and, after disabling the management port the splunkd process crashes. For disabling the default port we use an app with server.conf as follows:
disableDefaultPort = true

This configuration works fine with older versions of Splunk Universal forwarder like 6.1.6 or 6.2.5

Any suggestions?

Tags (1)
0 Karma
Highlighted

Re: Run Splunk Universal forwarder 6.3.4 on linux with defaultPort disabled

Motivator

If its crashing, you should see a crash log in the var/log/splunk directory. Try stripping out any other changes you've made to the forwarder, and just try restarting with the management port disabled. Does it still crash? You might want to open a support ticket for this.

0 Karma
Highlighted

Re: Run Splunk Universal forwarder 6.3.4 on linux with defaultPort disabled

New Member

Yes, there's a crash file in /var/log/splunk directory. Restarting splunk with the management port disabled makes it crash again and again.

0 Karma
Highlighted

Re: Run Splunk Universal forwarder 6.3.4 on linux with defaultPort disabled

Path Finder

Any reason to use 6.3.4? You may try the newer builds: 6.3.6 or 6.4.2 and see if it works.

Highlighted

Re: Run Splunk Universal forwarder 6.3.4 on linux with defaultPort disabled

SplunkTrust
SplunkTrust

is that configuration directive within the [httpServer] stanza?

View solution in original post

Highlighted

Re: Run Splunk Universal forwarder 6.3.4 on linux with defaultPort disabled

New Member

no, it's not with the [httpServer] stanza

0 Karma
Highlighted

Re: Run Splunk Universal forwarder 6.3.4 on linux with defaultPort disabled

SplunkTrust
SplunkTrust
0 Karma
Highlighted

Re: Run Splunk Universal forwarder 6.3.4 on linux with defaultPort disabled

New Member

Worked with the [httpServer] stanza. Thanks a lot!

0 Karma
Highlighted

Re: Run Splunk Universal forwarder 6.3.4 on linux with defaultPort disabled

SplunkTrust
SplunkTrust

I converted this to an answer. Please mark it as the correct one.

0 Karma