Installation
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Installing Splunk - Troubleshooting error "Waiting for web server at http://127.0.0.1:8000 to be available.?

J9
Engager
‎08-21-2022 05:41 PM

I'm trying to install Splunk Enterprise on CentOS7 operating system.  CentOS is installed on Virtual Box.  However when i run ./splunk start -accept-license i get the message "waiting for web server at http://127.0.0.1:8000 to be available.

This is my first installation so the solution maybe pretty simple.

 

I have logged in as root to open ports by typing the following commands

firewall-cmd --zone=public --add-port=8000/tcp –permanent 

firewall-cmd --zone=public --add-port=8080/tcp --permanent  

firewall-cmd --zone=public --add-port=8088/tcp –permanent

firewall-cmd --zone=public --add-port=8089/tcp –permanent

firewall-cmd --zone=public --add-port=9997/tcp –permanent

firewall-cmd --zone=public --add-port=514/tcp –permanent 

firewall-cmd --zone=public --add-port=514/udp –permanent 

I reloaded the firewall rules by firewall-cmd -reload and when i run firewall-cmd --list-all i can see the ports that i have opened.

J9_1-1661127933782.png

i created a splunk user and group and associated it to each other.   

i uncompressed the tar file and moved to /opt/splunk

i changed the ownership of the uncompressed files to splunk 

Then logged into CentOS as splunk ran ./splunk start -accept-license and all the prelimary checks passed.  Then after a few minutes, the error appeared and believe the installation stopped.

I ran the command /opt/splunk/bin/splunk status and splunkd is not running

 

i did netstat -an | grep 8000 and its not listening on port 8000.  

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

J9
Engager
‎08-21-2022 07:14 PM

Just to give an update, i did the following:

i set the current mode to passive from enforcing by typing setenforce permissive > Enter

I disabled the firewall by typing systemctl stop firewalld > Enter

I updated centOS by typing yum update > Enter.  (As i only downloaded the install file a few days ago i didnt do this as i thought it would already be the latest.  Turns out it wasnt the case)

I then ran ./splunk start > Enter and then after a few minutes it completed.

However, now when i go to the web browser it says secure connection failed.  Error code: SSL_ERROR_RX_RECORD_TOO_LONG

 

 

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

J9
Engager
‎08-21-2022 07:14 PM

Just to give an update, i did the following:

i set the current mode to passive from enforcing by typing setenforce permissive > Enter

I disabled the firewall by typing systemctl stop firewalld > Enter

I updated centOS by typing yum update > Enter.  (As i only downloaded the install file a few days ago i didnt do this as i thought it would already be the latest.  Turns out it wasnt the case)

I then ran ./splunk start > Enter and then after a few minutes it completed.

However, now when i go to the web browser it says secure connection failed.  Error code: SSL_ERROR_RX_RECORD_TOO_LONG

 

 

0 Karma
Reply
Get Updates on the Splunk Community!

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

Tuesday, May 14, 2024  |  11AM PT / 2PM ET Register to Attend Join us for this Tech Talk and learn how to ...

.conf24 | Personalize your .conf experience with Learning Paths!

Personalize your .conf24 Experience Learning paths allow you to level up your skill sets and dive deeper ...

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...

WATCH NOWAs AI starts tackling low level alerts, it's more critical than ever to uplevel your threat hunting ...