Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Binding splunk-web to an ip address - WARNING: web interface does not seem to be available!

ikulcsar
Communicator
‎01-16-2017 06:15 AM

Hello,

We have a distributed Splunk system. Every indexers have 2 IPs (ip1 and ip2) addresses (and 2 NICs, too). The goal is to bind the web interface to ip1 while keeping the ability to receive logs on both IPs.

I've already checked https://docs.splunk.com/Documentation/Splunk/latest/Admin/BindSplunktoanIP and serveral questions here with no luck.
When set server.socket_host setting in web.conf to ip1, and leave SPLUNK_BINDIP, mgmtHostPort on default I recieved this at Splunk startup. 

Waiting for web server at http://127.0.0.1:8000 to be available............................................................................................................................................................................................................................................................................................................

WARNING: web interface does not seem to be available!

From 'ss -na' output:

LISTEN      0      128           <ip1>:8000                      *:*
UNCONN      0      0                   *:514                        *:*

Ip1 is not 127.0.0.1, so it will never succeed to connect... but logs can be recieved on any ip. System seems to operational.

How can I handle this warning, Is there a way to achieve my goal without an error?

About the system: Splunk v6.5.1 on 64bit linux, multiple search heads and indexers, no firewall.

Thanks,
Istvan

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

ikulcsar
Communicator
‎03-01-2017 01:30 AM

Hi,

I received information from tech support, This is a bug, they will fix it in one of the upcoming releases.

Regards,
István

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

ikulcsar
Communicator
‎03-01-2017 01:30 AM

Hi,

I received information from tech support, This is a bug, they will fix it in one of the upcoming releases.

Regards,
István

0 Karma
Reply
Solved! Jump to solution

ikulcsar
Communicator
‎08-22-2017 07:01 AM

Fixed in 6.6.3: https://docs.splunk.com/Documentation/Splunk/6.6.3/ReleaseNotes/6.6.3
Issue numbers: SPL-136496, SPL-141953, SPL-141956

0 Karma
Reply
Get Updates on the Splunk Community!

Exciting News: The AppDynamics Community Joins Splunk!

Hello Splunkers,   I’d like to introduce myself—I’m Ryan, the former AppDynamics Community Manager, and I’m ...

Buttercup Games: Further Dashboarding Techniques (Part 3)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...

Digital Resilience Assessment Launch | How prepared are you for disruption?

Disruption is inevitable. The question is – how prepared are you to handle it? In today’s fast-moving digital ...