Getting Data In

Why am I getting a "Permission Denied" error when running './splunk list forward-server'?

srajesh82
Engager

I am trying to add the forwarder or list it, but it ends up in a permission denied message

./splunk list forward-server
Splunk username: admin
Password:
Can't create directory "/root/.splunk": Permission denied

Need your help to fix this

1 Solution

srajesh82
Engager

We started the Splunk instance using a service account.
But later we were trying to check the forwarder testing using the root account, which ends up with the above error.

We changed back to the service account and it worked.


goelli
Communicator

Either run the command as the same user as Splunk runs:

sudo -u splunk_user /path/to/splunk command

Or do the following for every user you want to run the commands (you have to insert the hostname and the mgmt port of your Splunk instance):

cd ~
mkdir .splunk
chmod 777 -R .splunk
touch .splunk/authToken_hostname_port
chmod 600 .splunk/authToken_hostname_port
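
A preflight for the advice in the answers above, as an added example that is not part of the original thread or Splunk's own tooling: it works out which account should run the CLI and flags a .splunk directory or authToken_* file that other users can write or read. The function names are hypothetical, and it assumes the owner of the splunk binary is the account the service runs as.

```sh
#!/bin/sh
# Added example: hypothetical helper names, not Splunk tooling.

# Print the user name that owns a path (GNU stat first, BSD stat as fallback).
owner_of() {
    stat -c '%U' "$1" 2>/dev/null || stat -f '%Su' "$1" 2>/dev/null
}

# Return 0 when user $2 does not own the Splunk binary $1, meaning the CLI
# should be started with "sudo -u <owner>". Assumption: the owner of the
# binary is the service account Splunk runs as.
needs_user_switch() {
    owner=$(owner_of "$1") || return 2
    [ "$owner" != "$2" ]
}

# List entries in a per-user .splunk directory that are group/world-writable,
# and authToken_* files that are group/world-readable. No output = owner-only.
audit_cli_dir() {
    [ -d "$1" ] || return 0
    {
        find "$1" ! -type l \( -perm -020 -o -perm -002 \) -print
        find "$1" -type f -name 'authToken_*' \( -perm -040 -o -perm -004 \) -print
    } | sort -u
}

# Run a Splunk CLI command as the owning account, for example:
#   splunk_cli /opt/splunk/bin/splunk list forward-server
splunk_cli() {
    bin="$1"; shift
    audit_cli_dir "$HOME/.splunk" | sed 's/^/WARNING: loose permissions on /' >&2
    if needs_user_switch "$bin" "$(id -un)"; then
        sudo -u "$(owner_of "$bin")" "$bin" "$@"
    else
        "$bin" "$@"
    fi
}
```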

harsmarvania57
Ultra Champion

You need to run the above command with the same user that the Splunk service is running as.

nickhills
Ultra Champion

If you have used the default usernames and paths, you should be able to run:

sudo -u splunk /opt/splunk/bin/splunk list forward-server


harsmarvania57
Ultra Champion

Can you please let us know which user you are trying to run the above command as? And which user is the Splunk service running as?
