I need to configured Splunk (running on RHEL6) to work behind a proxy, I tried the recommended approach and it didn't work. On each I restarted Splunk, also note yum-cron/updates works fine.
To get around this problem, you need to set the http_proxy environment variable. For permanent results, you can specify the setting in the splunk-launch.conf configuration file, located in $SPLUNK_HOME/etc/ on *nix systems and %SPLUNK_HOME%\etc\ on Windows.
In splunk-launch.conf, add this attribute/value pair:
http_proxy = :
http_proxy = 10.1.8.11:8787
I then tried this:
added to opt/splunk/etc/system/default/prefs.conf
1) On Linux, which is the correct file to add the proxy settings? I have seen atleast 3 files mentioned, being:
editing the /etc/init.d/splunk startup script
2) Does the proxy environment variable follow a typical Linux format?
For example, are these valid?