Hello everyone
I have linux server machine (CentOS 7) where Splunk universal ( version 8.0.3 ) has been installed
After installation of agent there was deployed app for connecting on deployment server.
Unfortunately machine is not visible in DS, First I have checked if dns name of DS can be resolved there and if host can communicate with DS on 8089 dest port at all with telnet program. There were not find any issues.
I decided to look at internal splunk logs by following search:
index=_internal earliest=-20d@d latest=now hostname OR x.x.x.x sourcetype=splunkd
( where x.x.x.x is IP of linux server)
I could see following warning there:
"
02-03-2021 08:04:09.080 +0100 WARN HttpListener - Socket error from x.x.x.x:13258 while idling: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version numb
"
My question can that error be related to problem with connection between linux server and DS ?
If yes, how i can resolve that issue.
On DS i have installed following version of Splunk:
Splunk 7.2.0 (build 8c86330ac18)
Thanks in advance for your help
BR
Dawid
Hi
at least indexers must be at same version or greater than UFs. So I propose that you must update your DS to the newer version. It must be a Linux version as you have other than windows UFs in use. If you have separate LM then also that must be a highest version in use.
r. Ismo
Hi
Thanks for answer.
I don't think so that i should do this.
I have other machines which are using newer UF and they are working without any problems.
BR
Dawid