Security

Splunk 6.3 on Fedora 22 can't connect to Splunk Web http://splunkserver:8000

mendesjo
Path Finder

Ok, I'm new to Splunk and new to unix.. I never thought I would miss Windows server but I do. Anyway, I'm trying to learn so I can manage our production environment and so I set up a fedora 22 box as a VM on my system to learn. All went well, after a lot of googling about different things, but a few things still don't work, and I have a few questions hoping someone may help.

1)Modified the bash file to include the Splunk bin directory in the path in my case /apps/splunk/bin I reboot and path is there, but doesn't work. I have to go to /apps/splunk/bin directory to do anything. Why?

2)At work all I have to do is type splunk status or whatever I want, on my home test system I have to type ./splunk status. Why?

3)My biggest issue is I can't connect to http://splunkserver:8000. Why? I checked firewall, that seems to be ok. I did a netstat it seems to say listening so I think it's ok. As part of Fedora, it installs this free ipa software that works on port 8089 and a using a web browser to that port that free IPA software loads, so I think maybe it's Splunk, but what? A splunk status says splunkweb is running, and again port 8000 says listening. What else could it be? I loaded version 6.0.1 as that's what we are running at work and I want to test a 6.3 upgrade.

Any help would be appreciated.

0 Karma
1 Solution

woodcock
Esteemed Legend

1&2: You have probably not added the path to PATH correctly; show me the output of this:

echo PATH=<$PATH>

3: Make sure that firewall is not blocking you.

systemctl disable firewalld
systemctl stop firewalld

This turns firewall off but might be better if you configured appropriate holes in it (this is good for a test, though).

View solution in original post

0 Karma

woodcock
Esteemed Legend

1&2: You have probably not added the path to PATH correctly; show me the output of this:

echo PATH=<$PATH>

3: Make sure that firewall is not blocking you.

systemctl disable firewalld
systemctl stop firewalld

This turns firewall off but might be better if you configured appropriate holes in it (this is good for a test, though).

0 Karma

mendesjo
Path Finder

Beautiful that work, thanks so much! Now I wanted a GUI to manage this, and after some reading the suggestion was to load fedora workstation, so I did a "sudo dnf group install "Fedora Workstation" which worked, not how do I start the gui? Also, it did something else, if I reboot my server I can't SSH anymore says connection refused. After some digging I found that the service wasn't started, I have to "start sshd start" then I can SSH. God I miss windows, thank you in advance.

0 Karma

woodcock
Esteemed Legend

First, click "Accept" to close the question. Next, read up on how to keep processes running in Linux (initd, etc.). You will get it.

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...