Installation
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Installing Splunk - Troubleshooting error "Waiting for web server at http://127.0.0.1:8000 to be available.?

J9
Engager
‎08-21-2022 05:41 PM

I'm trying to install Splunk Enterprise on CentOS7 operating system.  CentOS is installed on Virtual Box.  However when i run ./splunk start -accept-license i get the message "waiting for web server at http://127.0.0.1:8000 to be available.

This is my first installation so the solution maybe pretty simple.

 

I have logged in as root to open ports by typing the following commands

firewall-cmd --zone=public --add-port=8000/tcp –permanent 

firewall-cmd --zone=public --add-port=8080/tcp --permanent  

firewall-cmd --zone=public --add-port=8088/tcp –permanent

firewall-cmd --zone=public --add-port=8089/tcp –permanent

firewall-cmd --zone=public --add-port=9997/tcp –permanent

firewall-cmd --zone=public --add-port=514/tcp –permanent 

firewall-cmd --zone=public --add-port=514/udp –permanent 

I reloaded the firewall rules by firewall-cmd -reload and when i run firewall-cmd --list-all i can see the ports that i have opened.

J9_1-1661127933782.png

i created a splunk user and group and associated it to each other.   

i uncompressed the tar file and moved to /opt/splunk

i changed the ownership of the uncompressed files to splunk 

Then logged into CentOS as splunk ran ./splunk start -accept-license and all the prelimary checks passed.  Then after a few minutes, the error appeared and believe the installation stopped.

I ran the command /opt/splunk/bin/splunk status and splunkd is not running

 

i did netstat -an | grep 8000 and its not listening on port 8000.  

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

J9
Engager
‎08-21-2022 07:14 PM

Just to give an update, i did the following:

i set the current mode to passive from enforcing by typing setenforce permissive > Enter

I disabled the firewall by typing systemctl stop firewalld > Enter

I updated centOS by typing yum update > Enter.  (As i only downloaded the install file a few days ago i didnt do this as i thought it would already be the latest.  Turns out it wasnt the case)

I then ran ./splunk start > Enter and then after a few minutes it completed.

However, now when i go to the web browser it says secure connection failed.  Error code: SSL_ERROR_RX_RECORD_TOO_LONG

 

 

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

J9
Engager
‎08-21-2022 07:14 PM

Just to give an update, i did the following:

i set the current mode to passive from enforcing by typing setenforce permissive > Enter

I disabled the firewall by typing systemctl stop firewalld > Enter

I updated centOS by typing yum update > Enter.  (As i only downloaded the install file a few days ago i didnt do this as i thought it would already be the latest.  Turns out it wasnt the case)

I then ran ./splunk start > Enter and then after a few minutes it completed.

However, now when i go to the web browser it says secure connection failed.  Error code: SSL_ERROR_RX_RECORD_TOO_LONG

 

 

0 Karma
Reply
Get Updates on the Splunk Community!

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer at Splunk .conf24 ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...

Combine Multiline Logs into a Single Event with SOCK: a Step-by-Step Guide for ...

Combine multiline logs into a single event with SOCK - a step-by-step guide for newbies Olga Malita The ...