Can not access splunk console at first time instal...

shivprasad · ‎12-08-2024

I downloaded splunk Enterprise on EC2 at /opt folder using tgz file. unzipped it using tar.
then started it on port no 8000. it shows i succesfully started at 8000. But after enabling 8000 port in ec2 security gruops and using the public ip of ec2 with :8000 I can't access the webpage. I just shows this site can't be reached. please help me.

meetmshah · ‎12-08-2024

Hello @shivprasad Can you please have a check on below list -

1. Validate Splunk Service is Running - ./splunk status

2. Confirm for which range of IP addresses, port 8000 is Open

3. Validate If you’re using a VPC, ensure there’s an Internet Gateway attached and the route table includes a route for 0.0.0.0/0 pointing to the Internet Gateway

4. Try restarting Splunk service once - ./splunk restart

Also, Can you please confirm if there are any ERROR / WARN messages under - "/opt/splunk/var/log/splunk/splunkd.log" (Use tail command to validate)

shivprasad · ‎12-08-2024

thanks @meetmshah for taking this in notice. Fortunately I got the issue.
I was doing everything correct except one thing, that is I was creating inbound rule of tcp 8000 after the instalation and after running the splunk. But when I at first created the inbound tcp 8000 rule and then installed the splunk and started it, so now everything is working fine.
Thanks again...

meetmshah · ‎12-09-2024

Glad to know the issue is resolved, please accept the solution - so it's marked as Resolved.

Can not access splunk console at first time installed on EC2

installation

splunk-assist

using Splunk Enterprise

Index This | When is October more than just the tenth month?

Observe and Secure All Apps with Splunk

What’s New & Next in Splunk SOAR

Are you a member of the Splunk Community?