- Splunk Answers
- :
- Splunk Administration
- :
- Security
- :
- Splunk Enterprise starts, but why is my connection...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Splunk Enterprise starts, but why is my connection refused trying to access Splunk Web in my browser?
I just installed Splunk Enterprise 6.0 and all went swimmingly. However, my connection is refused when trying to go to it in my browser. What am I missing?
Splunk> 4TW
Checking prerequisites... Checking
http port [8000]: open Checking mgmt
port [8089]: open Checking
configuration... Done. Creating:
/opt/splunk/var/lib/splunk Creating:
/opt/splunk/var/run/splunk Creating:
/opt/splunk/var/run/splunk/appserver/i18n
Creating:
/opt/splunk/var/run/splunk/appserver/modules/static/css
Creating:
/opt/splunk/var/run/splunk/upload
Creating:
/opt/splunk/var/spool/splunk
Creating:
/opt/splunk/var/spool/dirmoncache
Creating:
/opt/splunk/var/lib/splunk/authDb
Creating:
/opt/splunk/var/lib/splunk/hashDb
Checking critical directories... Done
Checking indexes... Validated:
_audit _blocksignature _internal _thefishbucket history main summary Done New certs have been generated in
'/opt/splunk/etc/auth'. Checking
filesystem compatibility... Done
Checking conf files for typos...
Done All preliminary checks passed.
Starting splunk server daemon
(splunkd)... Done
[ OK ] Starting splunkweb...
Generating certs for splunkweb server
Generating a 1024 bit RSA private key
........++++++ ...............++++++
writing new private key to
'privKeySecure.pem'
----- Signature ok subject=/CN=localhost.localdomain/O=SplunkUser
Getting CA Private Key writing RSA key
[ OK ] Done
If you get stuck, we're here to help.
Look for answers here:
http://docs.splunk.com
The Splunk web interface is at
http://xxx.xxx.xxx.xxx:8000
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Check your management port numbers.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Taking the fact that it worked fine with firewall disabled, I think you just need to open the right port for this. In this case, 8000.
Here is a good port digram
https://answers.splunk.com/answers/118859/diagram-of-splunk-common-network-ports.html
thanks.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Check that you've got the protocol, host name, port correct in the browser. If wrong, correct and try again.
Check that you can establish a connection, e.g. telnet to the host and port. If not, talk to network administration to fix.
That being said, go grab 6.3 - it's significantly improved over 6.0.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I stopped the firewall and it worked fine - so something in my firewall settings is doing this.
I am trying to help a customer using our app and they aren't willing to upgrade to 6.3 yet for some reason - so I'm trying ti troubleshoot the older version with them. I'm just running 6.0 in a VM for these purposes.
Routing logs with Splunk OTel Collector for Kubernetes
Welcome to the Splunk Community!
Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM
