Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How do I set up a login to Splunk forwarder?

wsanderstii
Path Finder
‎04-28-2017 11:36 AM

Apparently the Splunk forwarder (splunkforwarder) has a web interface listening on port 8089. When I try to login with "admin/changeme" I get "Remote login has been disabled for 'admin' with the default password. Either set the password, or override by changing the 'allowRemoteLogin' setting in your server.conf file."

I can't find documentation on how to set a user and password up on this interface. Can this be done? Does the interface return any useful info?

Thanks w

Reply

mikki
Explorer
‎06-13-2024 01:28 PM

Upgraded to splunk universal forward 9.1.0 from 9.0.2. 

./splunk list monitor gives me the following error with default password : "Remote login has been disabled for 'admin' with the default password. Either set the password, or override by changing the 'allowRemoteLogin' setting in your server.conf file." for the first time.

tried above command to reset default password: still gives me : "Remote login has been disabled for 'admin' with the default password. Either set the password, or override by changing the 'allowRemoteLogin' setting in your server.conf file."

Looking for any answers.

Reply

dineshraj9
Builder
‎04-29-2017 12:44 AM

You can open the management port(default 8089) on the forwarder, but to access this port you need to change the default admin password on the forwarder from "changeme" to something different. Once you have done that, you can access the apps and configurations on the forwarder using REST endpoint and get information on inputs and outputs.

Change password - ./splunk edit user admin -password foo -role admin -auth admin:changeme

Restart forwarder

Access rest endpoint - https://forwarder1.mycompany.com:8089/services/data/inputs/ and enter admin credentials or

OR use CURL command - curl -k -u admin:<password> https://forwarder1.mycompany.com:8089/services/data/inputs/

0 Karma
Reply
Get Updates on the Splunk Community!

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...