Getting Data In

Why am I seeing "Authentication failed" in the Distributed Management Console for search peers added using CLI commands in a script?

kimche
Path Finder

Hi all,

I add the search peers by using the CLI commands in a script. When I check the Distributed Management Console UI, I see that the status for all of them is "Authentication failed". The credentials provided are correct. If I delete them and re-add them manually (I just copy the exact servername:port) they are instantly "Up". What extra step am I missing in my script to have them up instantly?

Thanks,

Kimche

0 Karma
1 Solution

kimche
Path Finder

This problem has been solved once I edited the distsearch.conf with distributed search groups with other names ([distributedSearch:dmc_group_indexer] instead of [distributedSearch:indexer]). After that all the instances were Up again.

View solution in original post

kimche
Path Finder

This problem has been solved once I edited the distsearch.conf with distributed search groups with other names ([distributedSearch:dmc_group_indexer] instead of [distributedSearch:indexer]). After that all the instances were Up again.

Get Updates on the Splunk Community!

Introducing Ingest Actions: Filter, Mask, Route, Repeat

WATCH NOW Ingest Actions (IA) is the best new way to easily filter, mask and route your data in Splunk® ...

Splunk Forwarders and Forced Time Based Load Balancing

Splunk customers use universal forwarders to collect and send data to Splunk. A universal forwarder can send ...

NEW! Log Views in Splunk Observability Dashboards Gives Context From a Single Page

Today, Splunk Observability releases log views, a new feature for users to add their logs data from Splunk Log ...