Splunk Cloud Platform
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Why is Universal forwarder failing to configure in windows system?

prabhakar_rhymt
Engager
‎02-21-2022 12:44 AM

Hi,

We are taken Splunk cloud community edition trail.  and we have installed universal forwarder in windows but it is not communicating to cloud server.

We are getting error like this:

 

02-21-2022 12:42:48.381 +0530 INFO  DC:DeploymentClient [691880 PhonehomeThread] - channel=tenantService/handshake Will retry sending handshake message to DS; err=not_connected
02-21-2022 12:42:59.014 +0530 INFO  ProxyConfig [595472 HttpClientPollingThread_422CEEC3-132D-4E49-B8B8-20DC5A33230D] - Failed to initialize http_proxy from server.conf for splunkd. Please make sure that the http_proxy property is set as http_proxy=http://host:port in case HTTP proxying needs to be enabled.

 

we are enable all ports which are required for communication but still it is not connecting to cloud server.

Help us to resolve this issue.

Thank You.

Labels (2)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

SanjayReddy
SplunkTrust
SplunkTrust
‎02-22-2022 11:59 PM

Hi @prabhakar_rhymt 

Thanks for response.

are you getting connection falied erros?, then you need to open firewall between Splunk Cloud and Window server 

I guess rasing ticket to Splunk support might help to enable connectivity, but I am not 100% sure.



View solution in original post

0 Karma
Reply
Solved! Jump to solution

prabhakar_rhymt
Engager
‎02-23-2022 12:21 AM

@SanjayReddy 

 

I am getting Connection refused error. And I have turned-off my firewall also to allow ports for traffic. But still it's no use.

0 Karma
Reply
Solved! Jump to solution

prabhakar_rhymt
Engager
‎02-22-2022 11:01 PM

Hi @SanjayReddy 

 

I have tried with Telnet as you said, but it's throwing connection error.

0 Karma
Reply
Solved! Jump to solution
Solution

SanjayReddy
SplunkTrust
SplunkTrust
‎02-22-2022 11:59 PM

Hi @prabhakar_rhymt 

Thanks for response.

are you getting connection falied erros?, then you need to open firewall between Splunk Cloud and Window server 

I guess rasing ticket to Splunk support might help to enable connectivity, but I am not 100% sure.



0 Karma
Reply
Solved! Jump to solution

SanjayReddy
SplunkTrust
SplunkTrust
‎02-21-2022 02:11 AM

Hi  @prabhakar_rhymt 


Error Message that you shared is for deployment server issue, UF is not able to connect to deployment server.(in this  be same instance as splunk cloud)

however for UF not able to connect to splunk cloud can you please do telnet from windows UF to cloud instance

telnet <cloudhostname> 9997  to check weather connectivity between windows UF and splunk cloud happening. if not present you need to enable firewall between them

also can you check in splunkd.log for any error or warn messages 

please run following command to check active forwarders list

cd C:\Program Files\Splunk\bin

splunk list forward-server

SanjayReddy_0-1645438301009.png

 


if output is blank you need to configure ip in outputs.conf (C:\Program Files\Splunk\etc\system\local) and restart splunk

 

 

0 Karma
Reply
Get Updates on the Splunk Community!

Index This | Divide 100 by half. What do you get?

November 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Stay Connected: Your Guide to December Tech Talks, Office Hours, and Webinars!

❄️ Celebrate the season with our December lineup of Community Office Hours, Tech Talks, and Webinars! ...

Splunk and Fraud

Watch Now!Watch an insightful webinar where we delve into the innovative approaches to solving fraud using the ...