My Splunk Enterprise don't accept telnet or tcp (m...

Cyner__ · ‎06-07-2024

Hi. I am new to splunk. I have configured everything. I am trying to solve this issue for 2 days.

I have universal forwerder on the ubuntu server with different network. I have downloaded splunk enterprise to my windows 10 computer.

My port 9997 is enabled. Firewall is disabled. Even with zyxel interface i bypassed the port 9997.

My splunk is listening on port 9997.

The thing is with telnet from any other source to my computer (i tried with both my mobile internet and UF client) is still getting denied.

How should i proceed to make it work. Im stuck so bad

Thanks for your helps

this is the mobile internet test with Test-NetConnections to my pc (splunk server i guess)

ComputerName : x.x.x.x <desired.connection>

RemoteAddress : x.x.x.x <desired connection>
RemotePort : 9997
InterfaceAlias : Wi-Fi
SourceAddress : X.x.x.x <my ip>
PingSucceeded : False
PingReplyDetails (RTT) : 0 ms
TcpTestSucceeded : False

tscroggins · ‎06-08-2024

Hi @Cyner__,

If both devices are connected to your Zyxel access point / router using WiFi, make sure layer-2 isolation is correctly configured for the devices to communicate. You should be able to find instructions for configuring isolation white lists in your Zyxel documentation.

inventsekar · ‎06-07-2024

Hi @Cyner__

from the UF, are you able to ping the indexer?

from the UF to indexer, is telnet working fine?

telnet index:9997 .. is it working fine or not..

thanks and best regards,
Sekar

PS - If this or any post helped you in any way, pls consider upvoting, thanks for reading !

My Splunk Enterprise don't accept telnet or tcp (my computer) from different networks

universal forwarder

Windows

Can’t make it to .conf25? Join us online!

What Is Splunk? Here’s What You Can Do with Splunk

Level Up Your .conf25: Splunk Arcade Comes to Boston

Manual Instrumentation with Splunk Observability Cloud: How to Instrument Frontend ...

Are you a member of the Splunk Community?