Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Connection from UF to Deployment Server: SSL issue

d4wc3k
Path Finder
‎02-03-2021 07:37 AM

Hello everyone

I have linux server machine  (CentOS 7) where Splunk universal ( version 8.0.3 ) has been installed
After installation of agent there was deployed app for connecting on deployment server.
Unfortunately machine is not visible in DS, First I have checked if dns name of DS can be resolved there and if host can communicate with DS on 8089 dest port at all with telnet program. There were not find any issues.
I decided to look at internal splunk logs by following search:
index=_internal earliest=-20d@d latest=now hostname OR x.x.x.x sourcetype=splunkd
( where x.x.x.x is IP of linux server)
I could see following warning there:
"
02-03-2021 08:04:09.080 +0100 WARN HttpListener - Socket error from x.x.x.x:13258 while idling: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version numb
"
My question can that error be related to problem with connection between linux server and DS ?
If yes, how i can resolve that issue.

On DS i have installed following version of Splunk:
Splunk 7.2.0 (build 8c86330ac18)

Thanks in advance for your help

BR
Dawid

Labels (1)
Labels
0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎02-03-2021 10:06 AM

Hi

at least indexers must be at same version or greater than UFs. So I propose that you must update your DS to the newer version. It must be a Linux version as you have other than windows UFs in use. If you have separate LM then also that must be a highest version in use.

r. Ismo

0 Karma
Reply

d4wc3k
Path Finder
‎03-15-2021 08:19 AM

Hi

Thanks for answer.
I don't think so that i should do this.
I have other machines which are using newer UF and they are working without any problems.

BR
Dawid

0 Karma
Reply
Get Updates on the Splunk Community!

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...