Deployment Architecture

Splunk forwarder in EC2 not reaching the indexer

mirceaned
New Member

I've installed the Splunk forwarder inside a Docker container, and when I use a local VM I am able to see the events coming in on the Indexer page.
However, when deploying the container on an EC2 instance, there are 0 events being generated.
Is there any special configuration needed for the EC2 case?

One difference I spotted in the logs is that the non-working install had this additional line in the splunkd.log file.
I could not find any other errors/warnings compared to the working case.
I cannot attach the full log because I don't have enough points.

05-31-2018 22:59:15.477 +0000 INFO TailReader - tailreader0 waiting to be un-paused
