Installation
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

installation start up

taelee94
New Member
‎12-01-2010 01:09 AM

Hi,

I'm new to splunk and Linux. I installed it to a CentOS 5.4 server and tried to get to http://splunk server:8000 but it would't come up unless iptable is stopped.

So I added an entry into iptables as below:

iptables -A INPUT -p tcp --dport 8000 -j ACCEPT

And after that I restarted iptables services but it still won't work.

Any suggestions or idea would be greatly appreciated.

Thanks,

Tags (1)
0 Karma
Reply

dwaddle
SplunkTrust
SplunkTrust
‎12-01-2010 02:18 AM

When you restarted iptables, you probably blew away the rule you added. Running the iptables command at the shell prompt only updates the in-memory filter table. You should add your rule in the proper place in /etc/sysconfig/iptables and then restart the iptables services. After the restart, verify your rule is there using iptables -nL.

Reply

dwaddle
SplunkTrust
SplunkTrust
‎12-01-2010 03:33 PM

Also, please click the checkbox to the left of my answer to accept it as "correct" - Thanks!

0 Karma
Reply

dwaddle
SplunkTrust
SplunkTrust
‎12-01-2010 03:32 PM

I've never used lokkit - but it sounds like it may not read the /etc/sysconfig/iptables file itself and/or it flushes the ruleset. You might use 'system-config-firewall' instead. (Me personally, I always just edit the file in /etc/sysconfig)

0 Karma
Reply

taelee94
New Member
‎12-01-2010 06:50 AM

Thanks and it worked!! However, I noticed something very strange. Whenever I start lokkit, any rules I added to /etc/sysconfig/iptables get deleted. I don't understand why...

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

 Prepare to elevate your security operations with the powerful upgrade to Splunk Enterprise Security 8.x! This ...

Get Early Access to AI Playbook Authoring: Apply for the Alpha Private Preview ...

Passionate about security automation? Apply now to our AI Playbook Authoring Alpha private preview ...

Reduce and Transform Your Firewall Data with Splunk Data Management

Managing high-volume firewall data has always been a challenge. Noisy events and verbose traffic logs often ...