Solved: Why am I seeing "Authentication failed" in the Dis...

kimche · ‎10-22-2015

Hi all,

I add the search peers by using the CLI commands in a script. When I check the Distributed Management Console UI, I see that the status for all of them is "Authentication failed". The credentials provided are correct. If I delete them and re-add them manually (I just copy the exact servername:port) they are instantly "Up". What extra step am I missing in my script to have them up instantly?

Thanks,

Kimche

kimche · ‎10-29-2015

This problem has been solved once I edited the distsearch.conf with distributed search groups with other names ([distributedSearch:dmc_group_indexer] instead of [distributedSearch:indexer]). After that all the instances were Up again.

View solution in original post

kimche · ‎10-29-2015

This problem has been solved once I edited the distsearch.conf with distributed search groups with other names ([distributedSearch:dmc_group_indexer] instead of [distributedSearch:indexer]). After that all the instances were Up again.

Why am I seeing "Authentication failed" in the Distributed Management Console for search peers added using CLI commands in a script?

Index This | When is October more than just the tenth month?

Observe and Secure All Apps with Splunk

What’s New & Next in Splunk SOAR

Are you a member of the Splunk Community?

Why am I seeing "Authentication failed" in the Distributed Management Console for search peers added using CLI commands in a script?

Index This | When is October more than just the tenth month?

Observe and Secure All Apps with Splunk

What’s New & Next in Splunk SOAR