Solved: Re: Why is setting up a demo Splunk service on a D...

JosIJntema · ‎02-26-2017

Hi there,

I am trying to setup a demo Splunk service on a Digital Ocean Ubuntu server.

I am trying to reach the above URL, but it is not working somehow. I can get to the :8000 port and log in Splunk. Also, I am able to setup the HTTP Event Collector and have enabled everything.

I already set this up on localhost and that is working.

What am I doing wrong? Do I have to do some configuration on the Ubuntu server?

Thanks!

JosIJntema · ‎02-26-2017

I have figured it out. I had use SSL configured, but I did not use https. Now when I do not tick off use SSL I am able to receive the events.

View solution in original post

JosIJntema · ‎02-26-2017

I have figured it out. I had use SSL configured, but I did not use https. Now when I do not tick off use SSL I am able to receive the events.

starcher · ‎02-26-2017

It is typical to put HEC on 8088. But if you used 8080 have you confirmed you don't have iptables or other firewall configuration blocking it? You can use something like this to list the certificate if the port is reachable. Run again from another system replacing localhost with the servername/ip as appropriate too if localhost works.

openssl s_client -connect localhost:8088 -showcerts

Why is setting up a demo Splunk service on a Digital Ocean Ubuntu server not working?

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases