Deployment Architecture
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk forwarder in EC2 not reaching the indexer

mirceaned
New Member
‎05-31-2018 04:43 PM

I've installed splunk forwarder inside a Docker container and when I use a local VM I am able to see the events coming in the Indexer page.
However, when deploying the container on an EC2 instance, there are 0 events being generated.
Is there any special configuration needed for EC2 case?

One difference I spotted in the logs is that the non working install had this additional line in splunkd.log file.
I could not find any other errors/warnings compared to the working case.
I cannot attach the full log because I don't have enough points.

05-31-2018 22:59:15.477 +0000 INFO TailReader - tailreader0 waiting to be un-paused

Tags (1)
0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...