Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Have difficulty to add forward server

xinlunsm
Engager
‎12-21-2012 02:38 PM

Hi,

I installed Splunk 5.0 with *nix on a windows server 2008 r2, and installed Splunk Forwarder on a Linux server and started it. I have enabled port 9000 in Splunk manager for forwarder, and also check the post was not be blocked by fire wall. Then I try to add a forward-server from Linux box which has forwarder installed. But it always gave me an error message - "Login failed, unanthorized" but i am sure the user name "admin" and the password are working, since I can use the same user/pass to login Splunk. Did I missed something? BTW, the command I used to add forward-ser is :
"[root@xxx ~]# /opt/splunkforwarder/bin/splunk add forward-server xxx.xxx.xxx.xxx:9000"

Any idea? Thanks

Lu

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

Ayn
Legend
‎12-21-2012 02:53 PM

The password is not for the Splunk indexer, it's for the local forwarder. If you didn't change the password there, it's "changeme".

View solution in original post

Reply
Solved! Jump to solution
Solution

Ayn
Legend
‎12-21-2012 02:53 PM

The password is not for the Splunk indexer, it's for the local forwarder. If you didn't change the password there, it's "changeme".

Reply
Solved! Jump to solution

xinlunsm
Engager
‎12-21-2012 03:01 PM

Thanks a lot, i thought the user name and password is used to subscribe the forward service to Splunk manager, what a ???? I am, ^-^

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Observability Cloud’s AI Assistant in Action Series: Analyzing and ...

This is the second post in our Splunk Observability Cloud’s AI Assistant in Action series, in which we look at ...

Elevate Your Organization with Splunk’s Next Platform Evolution

 Thursday, July 10, 2025  |  11AM PDT / 2PM EDT Whether you're managing complex deployments or looking to ...

Splunk Answers Content Calendar, June Edition

Get ready for this week’s post dedicated to Splunk Dashboards! We're celebrating the power of community by ...
Top