Cannot Validate Docker Install - ERROR Validating ...

samdc98 · ‎08-04-2021

I have installled splunk/splunk:latest and exposed it on 8000 per the instructions
I can get to the GUI on localhost:8000 and retrieved a HEC token

when I try to validate the install using

curl -k https://localhost:8088/services/collector/event -H "Authorization: Splunk my-hec-token" -d '{"event": "hello world"}'

I get this ERROR

Failed to connect to localhost port 8088: Connection refused

Note: I am using the correct token

samdc98 · ‎08-04-2021

Looks like that exposes a number of ports, docker ps -a gives

8065/tcp, 8088-8089/tcp, 8191/tcp, 9887/tcp, 0.0.0.0:8000->8000/tcp, :::8000->8000/tcp, 9997/tcp splunk

So I guess that means 8088 is automatically exposed?

samdc98 · ‎08-04-2021

the instructions on hub.docker.com say to expose 8000
docker run -d -p 8000:8000 -e "SPLUNK_START_ARGS=--accept-license" -e "SPLUNK_PASSWORD=xxxxxxxxxx" --name splunk splunk/splunk:latest

Using this I can navigate to the GUI localhost:8000

kamlesh_vaghela · ‎08-04-2021

@samdc98

Not sure about the default ports exposed during docker run but you can try by exposing manually

docker run -d -p 8000:8000 -8088:8088 -e "SPLUNK_START_ARGS=--accept-license" -e "SPLUNK_PASSWORD=xxxxxxxxxx" --name splunk splunk/splunk:latest

KV

kamlesh_vaghela · ‎08-04-2021

@samdc98

did you exposed 8088 from docker container ?

-p 8088:8088

KV

Cannot Validate Docker Install - ERROR Validating Installation

Windows

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Quantify Your Splunk Investment Impact: Introducing Savings Metrics to Value Insights

Event Series: Telemetry Pipeline Management

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Join the Conversation