Cannot Validate Docker Install - ERROR Validating ...

samdc98 · ‎08-04-2021

I have installled splunk/splunk:latest and exposed it on 8000 per the instructions
I can get to the GUI on localhost:8000 and retrieved a HEC token

when I try to validate the install using

curl -k https://localhost:8088/services/collector/event -H "Authorization: Splunk my-hec-token" -d '{"event": "hello world"}'

I get this ERROR

Failed to connect to localhost port 8088: Connection refused

Note: I am using the correct token

samdc98 · ‎08-04-2021

Looks like that exposes a number of ports, docker ps -a gives

8065/tcp, 8088-8089/tcp, 8191/tcp, 9887/tcp, 0.0.0.0:8000->8000/tcp, :::8000->8000/tcp, 9997/tcp splunk

So I guess that means 8088 is automatically exposed?

samdc98 · ‎08-04-2021

the instructions on hub.docker.com say to expose 8000
docker run -d -p 8000:8000 -e "SPLUNK_START_ARGS=--accept-license" -e "SPLUNK_PASSWORD=xxxxxxxxxx" --name splunk splunk/splunk:latest

Using this I can navigate to the GUI localhost:8000

kamlesh_vaghela · ‎08-04-2021

@samdc98

Not sure about the default ports exposed during docker run but you can try by exposing manually

docker run -d -p 8000:8000 -8088:8088 -e "SPLUNK_START_ARGS=--accept-license" -e "SPLUNK_PASSWORD=xxxxxxxxxx" --name splunk splunk/splunk:latest

KV

kamlesh_vaghela · ‎08-04-2021

@samdc98

did you exposed 8088 from docker container ?

-p 8088:8088

KV

Cannot Validate Docker Install - ERROR Validating Installation

Windows

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!