Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

After installing and configuring a universal forwarder on a remote Linux machine, why am I unable to login and connect to the remote instance?

dougcabell
Explorer
‎03-03-2015 12:08 PM

On the remote end I see this after installing/configuring Universal Forwarder:

./splunk list forward-server
Splunk username: admin
Password: 
Active forwards:
    10.40.10.69:9997
Configured but inactive forwards:
    None

If I run setup.sh on the Splunk Server I see an option 5 per below:

    Please choose from one of the following options:

1 - show *nix input status
2 - manage *nix inputs
3 - install/upgrade app
4 - change credentials
5 - connect to remote instance

0 - logout and exit program

I select option 5 and try http://nvp02:8089 and I try 10.30.11.25:8089 and neither will let me login
If I try https://nvp02:8089 and I try https://10.30.11.25:8089 I still cannot login
NO LOGINS WORK
If I run setup.sh on the remote server when it asks for the initial login before the menu, I can login with the default spunk uname/pwd
Yes, I can ssh and sftp from the server to the remote linux host.

Why does this not work for me?

Help please

Thank You

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

dougcabell
Explorer
‎03-03-2015 02:58 PM

My own answer, I fixed it
Needed to modify server.conf on the Universal forwarder to include
[general]
allowRemoteLogin =requireSetPassword
and need to change the password from the default
./splunk edit user admin -password "new admin password" -role admin -auth admin:change me

Definitely a documentation issue for sure. Lack thereof.

View solution in original post

Reply
Solved! Jump to solution
Solution

dougcabell
Explorer
‎03-03-2015 02:58 PM

My own answer, I fixed it
Needed to modify server.conf on the Universal forwarder to include
[general]
allowRemoteLogin =requireSetPassword
and need to change the password from the default
./splunk edit user admin -password "new admin password" -role admin -auth admin:change me

Definitely a documentation issue for sure. Lack thereof.

Reply
Solved! Jump to solution

ppablo
Retired
‎03-04-2015 01:19 PM

Just for reference, this is documented on this page:
http://docs.splunk.com/Documentation/Splunk/6.2.2/Admin/AccessandusetheCLIonaremoteserver

0 Karma
Reply
Get Updates on the Splunk Community!

New Case Study Shows the Value of Partnering with Splunk Academic Alliance

The University of Nevada, Las Vegas (UNLV) is another premier research institution helping to shape the next ...

How to Monitor Google Kubernetes Engine (GKE)

We’ve looked at how to integrate Kubernetes environments with Splunk Observability Cloud, but what about ...

Index This | How can you make 45 using only 4?

October 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...