Splunk Dev
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

data not going to splunk

tiongjss1
Engager
‎02-05-2013 10:46 PM

Hi, I am relatively new on this, and I am having a problem right now.

When I run the twitted system from the python sdk, there seems to be no data being pushed into splunk.

It seems that the input.py is always stuck on the "initializing splunk" area.

My TCP port for both splunkrc and input.py are both 9002. Am I doing something wrong? Please tell me. Thank you.

0 Karma
Reply

Neeraj_Luthra
Splunk Employee
Splunk Employee
‎02-05-2013 11:16 PM

The twitted example reads .splunkrc to build a URL to Splunk's management port to write data into Splunk. I am assuming you are running Splunk on the default ports, i.e. 8000 for web and 8089 for management. If so, to run this example, your .splunkrc should have the management port listed, i.e. 8089.

Reply

Neeraj_Luthra
Splunk Employee
Splunk Employee
‎02-08-2013 12:42 PM

This is resolved. A clean refresh of the SDK examples and .splunkrc solved the problem.

0 Karma
Reply

Neeraj_Luthra
Splunk Employee
Splunk Employee
‎02-06-2013 06:58 PM

Do you have anything running on your machine on port 9001? Email me so I can work with you offline and we can then post the resolution here.

0 Karma
Reply

tiongjss1
Engager
‎02-06-2013 06:21 PM

Thank you for replying. The problem has now been oddly changed to "HTTP 400 Bad Request--In handler 'raw' : Parameter name:TCP Port 9001 not available". Is it the same thing or is it different?

0 Karma
Reply

Neeraj_Luthra
Splunk Employee
Splunk Employee
‎02-06-2013 10:15 AM

If you can undo all your changes to the input.py and make sure your .splunkrc looks something like this:

scheme=https

host=localhost

port=8089

username=admin

password=changeme

Then from the root of the Python SDK, run this command with no extra arguments
python examples/twitted/input.py
If this doesn't work, provide the output from this command.

0 Karma
Reply

Neeraj_Luthra
Splunk Employee
Splunk Employee
‎02-05-2013 11:36 PM

Yes, you should be able to. Make sure that Splunk is indeed running on that port and you can hit https://localhost:8089 from the browser or command line (using curl)? Also, can you post the entire error you are getting?

0 Karma
Reply

tiongjss1
Engager
‎02-05-2013 11:25 PM

Thank you for your quick reply. I tried what you suggested, however, I have the error "HTTP 400 Bad Request--In handler 'raw' : Parameter name:TCP Port 8089 not available"

Another question: are we able to list more than one port in the system?

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...