Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Ask a Question
Solved! Jump to solution

Why am I unable to forward logs from a FreeBSD machine to our managed Splunk Cloud instance?

Michael_Carlisl
Explorer
โ€Ž09-07-2016 12:32 PM

Hi All,

I'm trying to forward logs from a FreeBSD machine to our Splunk Cloud instance. I've downloaded the spl file that is located within the site, but when I try to install the app, it is still not connecting. I validated that the port is open, and I have not done anything with the conf files other than using the CLI commands to add monitoring. One thing I did notice is that our Windows machines have (ssl) beside their "Active forwards" where as my "Inactive forwards" do not have (ssl) beside them. I had assumed the certificate was part of the .spl install. Any ideas?

Best,
Michael

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

Michael_Carlisl
Explorer
โ€Ž09-09-2016 07:41 AM

So it turns out the spl file retrieved from the Splunk Cloud instance set Outputs.conf file in the splunkuniversalforwarder folder to a site it could not resolve. I updated that site to the ip equivalent and it started working. Not sure why this works in our non-unix environments.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

Michael_Carlisl
Explorer
โ€Ž09-09-2016 07:41 AM

So it turns out the spl file retrieved from the Splunk Cloud instance set Outputs.conf file in the splunkuniversalforwarder folder to a site it could not resolve. I updated that site to the ip equivalent and it started working. Not sure why this works in our non-unix environments.

View solution in original post

0 Karma
Reply