Hi Experts,
I try to install "Splunk Enterprise Security Suite" in my standalone environment.
For this I follow:
https://docs.splunk.com/Documentation/ES/6.0.0/Install/InstallEnterpriseSecuritySHC
But when I try to follow below step:
Install Enterprise Security on the deployer.
Increase the Splunk Web upload limit, for example to 1GB, by creating a file called $SPLUNK_HOME/etc/system/local/web.conf with the following stanza.
[settings]
max_upload_size = 1000
Then I restart my splunk server, so at the time of restart it give below error
WARNING: web interface does not seem to be available!
Kindly suggest the right guide for installing and configuring "Splunk Enterprise Security Suite".
By chance, did you follow the guide exactly? Did you include the comment in the stanza?
max_upload_size = 1000 // increases SplunkWeb upload limit to 1GB
If so, try removing the comment so the stanza is:
max_upload_size = 1000
Then restart Splunk.
My Splunk instance are on AWS EC2 using instance type c5.4xlarge