In handler 'distsearch-peer': Status 401 while sen...

kwclark · ‎03-20-2013

Search head is Linux and search peer is Windows Server 2008. Using the web interface Splunk Manager to connect to search peer using a local account (on the Windows machine) with admin rights. Has worked in the past... Title of this is the error message returned. What am I missing?

araitz · ‎03-20-2013

My guess from the 401 Unauthorized message is that either you have the wrong user/pass.

araitz · ‎03-21-2013

If you look in the remote $SPLUNK_HOME/var/log/splunk/splunkd_access.log around the time of the failure, do you see the 401 unauthorized there? Have you migrated these systems or otherwise changed the certificates of these splunk instances?

kwclark · ‎03-21-2013

Possibly, but I have tried domain admin account as well as a local admin account. Also added account to Splunk.

M$ Firewall is turned off (for now). Can ping system.

In handler 'distsearch-peer': Status 401 while sending public key to search peer

Upcoming Webinar: Unmasking Insider Threats with Slunk Enterprise Security’s UEBA

.conf25 technical session recap of Observability for Gen AI: Monitoring LLM ...

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey

Join the Conversation

In handler 'distsearch-peer': Status 401 while sending public key to search peer

Upcoming Webinar: Unmasking Insider Threats with Slunk Enterprise Security’s UEBA

.conf25 technical session recap of Observability for Gen AI: Monitoring LLM ...

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey