Solved: Connection from license slaver to master

splunkreal · ‎06-06-2017

Hello guys,

is any slunk license slave able to report to a license manager without any authentification or key?

Also from this slave is it possible to connect to the splunk API port (also port tcp:8089) which is not desirable?

Thanks.

* If this helps, please upvote or accept solution 🙂 *

yannK · ‎06-07-2017

in splunk 6.* and recent, the license slave has to share a pass4symmkey with the license-master.
and the license slave instances have to be able to reach license-master on port 8089 (api port)

Make sure that the original pass4symmkey is the same in their server.conf under [general] by default.
(beware, the clear string will be encrypted after a restart, so it may look different across instances, as they encrypt differently)

see http://docs.splunk.com/Documentation/Splunk/6.6.1/Admin/Serverconf

View solution in original post

yannK · ‎06-07-2017

in splunk 6.* and recent, the license slave has to share a pass4symmkey with the license-master.
and the license slave instances have to be able to reach license-master on port 8089 (api port)

Make sure that the original pass4symmkey is the same in their server.conf under [general] by default.
(beware, the clear string will be encrypted after a restart, so it may look different across instances, as they encrypt differently)

see http://docs.splunk.com/Documentation/Splunk/6.6.1/Admin/Serverconf

splunkreal · ‎06-08-2017

Thanks a lot yann, does this require local admin credentials or license master ones?

* If this helps, please upvote or accept solution 🙂 *

yannK · ‎06-08-2017

no, just having unified your pass4symkey
(have having valid ssl certs)

Connection from license slaver to master

license

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases