Installation

ubuntu docker container fail to start

francisyap
Engager

Hi, I getting the following error when start the container using the command, any idea?

 

 

 

 

unday 08 August 2021  14:19:09 +0000 (0:00:00.050)       0:05:37.573 *********
TASK [splunk_standalone : Setup global HEC] ************************************
fatal: [localhost]: FAILED! => {
    "cache_control": "private",
    "changed": false,
    "connection": "Close",
    "content_length": "130",
    "content_type": "text/xml; charset=UTF-8",
    "date": "Sun, 08 Aug 2021 14:19:11 GMT",
    "elapsed": 0,
    "redirected": false,
    "server": "Splunkd",
    "status": 401,
    "url": "https://127.0.0.1:8089/services/data/inputs/http/http",
    "vary": "Cookie, Authorization",
    "www_authenticate": "Basic realm=\"/splunk\"",
    "x_content_type_options": "nosniff",
    "x_frame_options": "SAMEORIGIN"
}

MSG:

Status code was 401 and not [200]: HTTP Error 401: Unauthorized
PLAY RECAP *********************************************************************
localhost                  : ok=56   changed=2    unreachable=0    failed=1    skipped=58   rescued=0    ignored=0
Sunday 08 August 2021  14:19:11 +0000 (0:00:02.151)       0:05:39.725 *********
===============================================================================
splunk_common : Get Splunk status ------------------------------------- 233.48s
splunk_common : Start Splunk via CLI ----------------------------------- 48.29s
splunk_common : Update Splunk directory owner -------------------------- 20.43s
splunk_common : Wait for splunkd management port ----------------------- 10.10s
splunk_common : Test basic https endpoint ------------------------------- 4.14s
Gathering Facts --------------------------------------------------------- 3.16s
splunk_common : Cleanup Splunk runtime files ---------------------------- 2.49s
splunk_standalone : Setup global HEC ------------------------------------ 2.15s
splunk_common : Check if /sbin/updateetc.sh exists ---------------------- 1.40s
splunk_common : Check for scloud ---------------------------------------- 1.38s
splunk_common : Start Splunk via service -------------------------------- 1.28s
splunk_common : Update /opt/splunk/etc ---------------------------------- 0.90s
splunk_common : Find manifests ------------------------------------------ 0.68s
splunk_common : include_tasks ------------------------------------------- 0.49s
splunk_common : include_tasks ------------------------------------------- 0.46s
splunk_common : Remove user-seed.conf ----------------------------------- 0.43s
splunk_common : Enable splunktcp input ---------------------------------- 0.39s
splunk_common : Check for existing installation ------------------------- 0.38s
splunk_common : Ensure license path ------------------------------------- 0.36s
splunk_common : Create .ui_login ---------------------------------------- 0.30s
# docker run --name splunk-mount -v opt-splunk-etc:/opt/splunk/etc -v opt-splunk-var:/opt/splunk/var -d -p 8000:8000 -e SPLUNK_START_ARGS=--accept-license -e SPLUNK_PASSWORD=password splunk/splunk:latest

 

 

 

 

 

Labels (1)
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...