Deployment Architecture
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk forwarder in EC2 not reaching the indexer

mirceaned
New Member
‎05-31-2018 04:43 PM

I've installed splunk forwarder inside a Docker container and when I use a local VM I am able to see the events coming in the Indexer page.
However, when deploying the container on an EC2 instance, there are 0 events being generated.
Is there any special configuration needed for EC2 case?

One difference I spotted in the logs is that the non working install had this additional line in splunkd.log file.
I could not find any other errors/warnings compared to the working case.
I cannot attach the full log because I don't have enough points.

05-31-2018 22:59:15.477 +0000 INFO TailReader - tailreader0 waiting to be un-paused

Tags (1)
0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Observability Cloud's AI Assistant in Action Series: Auditing Compliance and ...

This is the third post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how to ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

What You Read The Most: Splunk Lantern’s Most Popular Articles!

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...
Top