×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
miceli
New Member
Member since: ‎06-27-2011
‎06-05-2020
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎06-27-2011
Activity Feed
View All

Re: forward-server listed as inactive

by in Getting Data In
‎06-29-2011 04:50 PM
‎06-29-2011 04:50 PM
Thanks Paolo. I unfortunately end up with the following output like before (it was a typo with the cm-processing and cm tags) Active forwards: None Configured but inactive forwards: cm:9997 I just need to know how to activate the forward-server, but the only commands according to http://www.splunk.com/base/Documentation/latest/Admin/CLIadmincommands are list, edit (which apparently isnt supported on the universal forwarder), add and remove. ... View more

forward-server listed as inactive

by in Getting Data In
‎06-28-2011 11:53 PM
‎06-28-2011 11:53 PM
Hi guys, i have been working on the creation of a deployment server with universal forwarders, and the outputs.conf contains: [tcpout] defaultGroup=cm [tcpout:cm-processing] server=cm:9997 This is making its way to the universal forwarder, but when I run ./splunk list forward-server it shows the connection as inactive. I have looked on the distribution server for clients, which returned this machine as a client. Also, I have checked the listener (cm) to see if it has forwarders attached which it doesnt. Any help would be greatly appreciated, Thanks! ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:03 AM