How can i add udp port 514 and 161 on the ./splunk...

cebo_myeza · ‎06-16-2015

I am using centos and i have opened the ports on the iptables but now if i try to add them on the ./splunk they give me the following messages:

root@localhost intern.network_trainee]# cd /opt/splunk/bin/

[root@localhost bin]# ./splunk add udp 514 -sourcetype syslog
In handler 'udp': Parameter name: UDP port 514 is not available.

[root@localhost bin]# ./splunk add udp 161 -sourcetype snmp
In handler 'udp': Parameter name: UDP port 161 is not available.

[root@localhost bin]#

And what confuses me the most is the $SPLUNK_HOME and /opt/spunk/ , is there a difference between the two directories?

MuS · ‎06-16-2015

Hi cebo_myeza,

cheers, MuS

cebo_myeza · ‎06-16-2015

in order to use ./splunk they say i must set environmental variables, like below

export SPLUNK_HOME=/opt/splunk
export PATH=$SPLUNK_HOME/bin:$PATH

Do i have to type this inside the setEnv file

MuS · ‎06-17-2015

You can use the file provided by Splunk like this:

source /opt/splunk/bin/setSplunkEnv

How can i add udp port 514 and 161 on the ./splunk?