Solved: Have difficulty to add forward server

xinlunsm · ‎12-21-2012

Hi,

I installed Splunk 5.0 with *nix on a windows server 2008 r2, and installed Splunk Forwarder on a Linux server and started it. I have enabled port 9000 in Splunk manager for forwarder, and also check the post was not be blocked by fire wall. Then I try to add a forward-server from Linux box which has forwarder installed. But it always gave me an error message - "Login failed, unanthorized" but i am sure the user name "admin" and the password are working, since I can use the same user/pass to login Splunk. Did I missed something? BTW, the command I used to add forward-ser is :
"[root@xxx ~]# /opt/splunkforwarder/bin/splunk add forward-server xxx.xxx.xxx.xxx:9000"

Any idea? Thanks

Lu

Ayn · ‎12-21-2012

The password is not for the Splunk indexer, it's for the local forwarder. If you didn't change the password there, it's "changeme".

View solution in original post

Ayn · ‎12-21-2012

The password is not for the Splunk indexer, it's for the local forwarder. If you didn't change the password there, it's "changeme".

xinlunsm · ‎12-21-2012

Thanks a lot, i thought the user name and password is used to subscribe the forward service to Splunk manager, what a ???? I am, ^-^

Have difficulty to add forward server

.conf25 Community Recap

Splunk App Developers | .conf25 Recap & What’s Next

Congratulations to the 2025-2026 SplunkTrust!

Are you a member of the Splunk Community?

Have difficulty to add forward server

.conf25 Community Recap

Splunk App Developers | .conf25 Recap & What’s Next

Congratulations to the 2025-2026 SplunkTrust!