Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How come replication isn't working on the Index cluster after a reboot?

christopherr_sp
Splunk Employee
Splunk Employee
‎12-07-2018 01:11 AM

We had to shut down one of the machines and create a new one. The cluster replication between the new and old ones does not work after a reboot.

The error message that was found in the splunkd.log files was:

ERROR RetryableClientTransaction - transactionDone(): transactionId=0x7fda3f101000
rTxnId=0x7fda3c5fe4d0 success=N HTTP-statusCode=404 HTTP-statusDescription=Not Found retry=N
no_retry_reason="transaction had fatal error"
Reply
1 Solution
Solved! Jump to solution
Solution

christopherr_sp
Splunk Employee
Splunk Employee
‎12-07-2018 01:13 AM

It was found that Splunk OnPremise was installed on AWS and all of the ports were closed.

Once port 8089 was opened replication resumed.

The following Documentation Enhancement Request has been raised to be considered in a future release of Splunk.

SPL-163427 Enhancement Request to check all ports are open in an Indexer Cluster/Search Head Cluster environment

The default ports that Splunk uses are below.

What are the ports that I need to open?

https://answers.splunk.com/answers/58888/what-are-the-ports-that-i-need-to-open.html

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

christopherr_sp
Splunk Employee
Splunk Employee
‎12-07-2018 01:13 AM

It was found that Splunk OnPremise was installed on AWS and all of the ports were closed.

Once port 8089 was opened replication resumed.

The following Documentation Enhancement Request has been raised to be considered in a future release of Splunk.

SPL-163427 Enhancement Request to check all ports are open in an Indexer Cluster/Search Head Cluster environment

The default ports that Splunk uses are below.

What are the ports that I need to open?

https://answers.splunk.com/answers/58888/what-are-the-ports-that-i-need-to-open.html

0 Karma
Reply
Get Updates on the Splunk Community!

Now Available: Cisco Talos Threat Intelligence Integrations for Splunk Security Cloud ...

At .conf24, we shared that we were in the process of integrating Cisco Talos threat intelligence into Splunk ...

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Easily Improve Agent Saturation with the Splunk Add-on for OpenTelemetry Collector

Agent Saturation What and Whys In application performance monitoring, saturation is defined as the total load ...