Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Remote Authentication - Forwarder not sending from internet to PC with DDNS

j666gak
Communicator
‎07-05-2012 04:36 PM

Hello,

I am setting up a test lab with Splunk. As I have a VPS (Virtual Private Server) for web hosting I thought it would be a good idea to have some data from a source external to my LAN.

I installed the Universal Forwarder on my VPS, when doing so and setting the Indexer it would not let me enter the correct username and password so I had to set admin:changeme. On my LAN port forwarding is configured and DUC client from NO-IP is installed on the Splunk box, but nothing is being indexed.

Running a netstat on my Splunk box can see active connections from VPS to the Splunk box on port 9997, which is correct as I configured on the forwarder.

The only thing that I can think of is that auth is failing? but how can I fix this if it won't let me set the correct credentials on the forwarder? it fails straight away and looks like it doesn't even query the remote indexer.

Would appreciate any help

Thanks
Guy

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

j666gak
Communicator
‎07-07-2012 11:21 AM

Logged in to the Universal Forwarder, then changed the password. Following this and installing the Unix app on the forwarder it worked great!

All good

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

j666gak
Communicator
‎07-07-2012 11:21 AM

Logged in to the Universal Forwarder, then changed the password. Following this and installing the Unix app on the forwarder it worked great!

All good

0 Karma
Reply
Get Updates on the Splunk Community!

Index This | When is October more than just the tenth month?

October 2025 Edition  Hayyy Splunk Education Enthusiasts and the Eternally Curious!   We’re back with this ...

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

What’s New & Next in Splunk SOAR

 Security teams today are dealing with more alerts, more tools, and more pressure than ever.  Join us for an ...