Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

We have an app on a server for which we want to send logs to splunk.

samqadir
New Member
‎04-30-2018 09:56 PM

We have an app on a server for which we want to send logs to splunk. The splunk host is listening on 9997 while our server is sending data via inconsistent ports. We want to make splunk forwarder to use 9997 to send data to splunk host server.

LocalAddress LocalPort RemoteAddress RemotePort State AppliedSetting OwningProcess
XXXXXXXXX.13 65518(This changes) XXXXXXXXXXXX 9997 Established Internet splunkd.exe

Please help what we need to do so that the local port is listening to forwarders on 9997 to send data to host on their 9997 port.

Tags (1)
0 Karma
Reply

xpac
SplunkTrust
SplunkTrust
‎05-01-2018 06:22 AM

The Port used to initiate a connection from is random for several reasons, and this behaviour is common practice.

Splunk doesn't offer a config parameter to change this, and (if I remember correctly) is behavior determined on a lower level (C library/operating system).

I can't think of a good reason to force this to be a fixed port - maybe you can explain why you want to do this? Maybe we can find an alternative, or there is simply a misunderstanding in how this is supposed to work?

0 Karma
Reply
Get Updates on the Splunk Community!

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey

There’s something special about this time of year—maybe it’s the glow of the holidays, maybe it’s the ...

Announcing the Migration of the Splunk Add-on for Microsoft Azure Inputs to ...

Announcing the Migration of the Splunk Add-on for Microsoft Azure Inputs to Officially Supported Splunk ...

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI! Discover how Splunk’s agentic AI ...