Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How come replication isn't working on the Index cluster after a reboot?

christopherr_sp
Splunk Employee
Splunk Employee
‎12-07-2018 01:11 AM

We had to shut down one of the machines and create a new one. The cluster replication between the new and old ones does not work after a reboot.

The error message that was found in the splunkd.log files was:

ERROR RetryableClientTransaction - transactionDone(): transactionId=0x7fda3f101000
rTxnId=0x7fda3c5fe4d0 success=N HTTP-statusCode=404 HTTP-statusDescription=Not Found retry=N
no_retry_reason="transaction had fatal error"
Reply
1 Solution
Solved! Jump to solution
Solution

christopherr_sp
Splunk Employee
Splunk Employee
‎12-07-2018 01:13 AM

It was found that Splunk OnPremise was installed on AWS and all of the ports were closed.

Once port 8089 was opened replication resumed.

The following Documentation Enhancement Request has been raised to be considered in a future release of Splunk.

SPL-163427 Enhancement Request to check all ports are open in an Indexer Cluster/Search Head Cluster environment

The default ports that Splunk uses are below.

What are the ports that I need to open?

https://answers.splunk.com/answers/58888/what-are-the-ports-that-i-need-to-open.html

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

christopherr_sp
Splunk Employee
Splunk Employee
‎12-07-2018 01:13 AM

It was found that Splunk OnPremise was installed on AWS and all of the ports were closed.

Once port 8089 was opened replication resumed.

The following Documentation Enhancement Request has been raised to be considered in a future release of Splunk.

SPL-163427 Enhancement Request to check all ports are open in an Indexer Cluster/Search Head Cluster environment

The default ports that Splunk uses are below.

What are the ports that I need to open?

https://answers.splunk.com/answers/58888/what-are-the-ports-that-i-need-to-open.html

0 Karma
Reply
Get Updates on the Splunk Community!

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

Take a look below to explore our upcoming Community Office Hours, Tech Talks, and Webinars this month. This ...

They're back! Join the SplunkTrust and MVP at .conf24

With our highly anticipated annual conference, .conf, comes the fez-wearers you can trust! The SplunkTrust, as ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...