Getting Data In

Splunk search head docker behind nginx reverse proxy - how to deactivate test basic http on startup?

wfskmoney
Path Finder

my container starts behind nginx (web ssl deactivated), but then fails and restarts every minute:

FAILED - RETRYING: Test basic https endpoint (60 retries left).

since my nginx routes www.mysplunkserver.com:443/80 to container, :8000 is not routed for now.

Is there a way to  deactivate basic https endpoint test?

[settings]
enableSplunkWebSSL = 0
httpport = 8000
tools.proxy.on = true
Labels (1)
Tags (1)
0 Karma
1 Solution

wfskmoney
Path Finder

The solution was that I changed the admin password inside Splunk, which was different from the SPLUNK_PASSWORD environment in the docker-compose file. This needs to be in sync:

    environment:
      - SPLUNK_START_ARGS=--accept-license
      - SPLUNK_PASSWORD=MustBeTheSameAsManuallyChangedAdminPassword

View solution in original post

0 Karma

wfskmoney
Path Finder

The solution was that I changed the admin password inside Splunk, which was different from the SPLUNK_PASSWORD environment in the docker-compose file. This needs to be in sync:

    environment:
      - SPLUNK_START_ARGS=--accept-license
      - SPLUNK_PASSWORD=MustBeTheSameAsManuallyChangedAdminPassword
0 Karma
Get Updates on the Splunk Community!

Splunk Forwarders and Forced Time Based Load Balancing

Splunk customers use universal forwarders to collect and send data to Splunk. A universal forwarder can send ...

NEW! Log Views in Splunk Observability Dashboards Gives Context From a Single Page

Today, Splunk Observability releases log views, a new feature for users to add their logs data from Splunk Log ...

Last Chance to Submit Your Paper For BSides Splunk - Deadline is August 12th!

Hello everyone! Don't wait to submit - The deadline is August 12th! We have truly missed the community so ...