Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Why am I unable to connect my Windows universal forwarder to the Sandbox?

lehrfeld
Path Finder
‎03-07-2015 08:23 AM

All -

I would like to experiment with Splunk Cloud but I am having an issue getting any data into my sandbox.

I installed the windows UF on my laptop and told it to forward windows events to my cloud instance (prd-p-mycloud.cloud.splunk.com:9997). I then downloaded and installed the credentials from the UF App in Splunk Cloud.

All the documentation I have been able to find indicates that is all I need to do. But for some reason in my splunkd log file I am getting the WARN TcpOutputProc - Cooked connection to ip=x.x.x.x:9997 timed out error.

When I run a netstat, I get an ESTABLISHED connection to port 9997 with Splunk Cloud. I even went so far as to turn off my Windows firewall and still nothing.

Any thoughts or docs that I may have missed to set this up?

Thanks!

Mike

Reply
1 Solution
Solved! Jump to solution
Solution

ppablo
Retired
‎03-09-2015 10:44 AM

Hi @lehrfeld

Here's a previous Answers post covering the process for setting up a forwarder for the Sandbox that might be helpful. There is a note specifically for Windows forwarders at the very bottom of the answer. Not sure if that's part of the issue you're experiencing, but worth checking out. http://answers.splunk.com/answers/214420/how-do-i-setup-a-splunk-cloud-trial-sandbox-forwar.html

View solution in original post

Reply
Solved! Jump to solution
Solution

ppablo
Retired
‎03-09-2015 10:44 AM

Hi @lehrfeld

Here's a previous Answers post covering the process for setting up a forwarder for the Sandbox that might be helpful. There is a note specifically for Windows forwarders at the very bottom of the answer. Not sure if that's part of the issue you're experiencing, but worth checking out. http://answers.splunk.com/answers/214420/how-do-i-setup-a-splunk-cloud-trial-sandbox-forwar.html

Reply
Get Updates on the Splunk Community!

Shape the Future of Splunk: Join the Product Research Lab!

Join the Splunk Product Research Lab and connect with us in the Slack channel #product-research-lab to get ...

Auto-Injector for Everything Else: Making OpenTelemetry Truly Universal

You might have seen Splunk’s recent announcement about donating the OpenTelemetry Injector to the ...

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...