Re: Cannot Login to Forwarder

pchukwuma · ‎02-01-2013

After installing the Forwarder, I cannot login to it. I have executed SPLUNK CLEAN ALL, but cannot login. I also tried placing the user-seed.conf in the etc/system/local directory, but I still cannot login. What am I missing?

Paolo_Prigione · ‎02-04-2013

Was the admin's default password of "changeme" ever changed? If you can not figure out the password, then

stop the UF
rename the $SPLUNK_HOME/etc/passwd file

Now you have the default credentials (admin/changeme) back.

However, if you want to achieve similar results to clean all, then:

stop the UF
rename $SPLUNK_HOME/var to something else
rename $SPLUNK_HOME/etc/users to something else
start the UF
if everything works fine, drop the renamed folders.

Ayn · ‎02-01-2013

How are you trying to login? What credentials are you using?

DaveSavage · ‎02-01-2013

When you say 'log in' you are trying to connect to it through the GUI? It doesn't support that. You can access it via the CLI and there is a rich thread on the commands at http://docs.splunk.com/Documentation/Splunk/latest/Admin/CLIadmincommands (thanks Drainy 😉

pchukwuma · ‎02-01-2013

I am trying to login through the CLI. The Splunk Clean All is a CLI command.

Cannot Login to Forwarder

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Automating Threat Operations and Threat Hunting with Recorded Future

Join the Conversation