×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
vicky58
Explorer
Member since: ‎10-03-2018
‎06-05-2020
Community Statistics
Posts 3
Solutions 0
Karma Given 0
Karma Received 1
Member Since ‎10-03-2018
Activity Feed
View All

Re: Why are we unable to access Splunk web GUI via...

by in All Apps and Add-ons
‎10-05-2018 08:36 AM
‎10-05-2018 08:36 AM
Nope, we haven't configured backend authentication, just enabled splunk default SSL. /local/web.conf [settings] enableSplunkwebSSL true Web gui running on https://IP:8000 Using TCP protocol on ELB configurations, ELB Listener TCP - 8000, Instance listener TCP 8000 ... View more

Re: Why are we unable to access Splunk web GUI via...

by in All Apps and Add-ons
‎10-04-2018 09:26 AM
‎10-04-2018 09:26 AM
After hours of struggle made few modifications, finally we were able to open GUI using the ELB name on HTTP. But now the issue is with HTTPS protocol. Getting ELB health check failures (instance "Out of service" )over HTTPS protocol We have enabled splunkwebSSL in local web.conf, and made changes to the ELB settings as below Target Path:HTTPS:8000/en-US/account/login?return_to=%2Fen-US%2F Timeout: 10 seconds Interval: 30 seconds Only time we are getting health check to work properly is when changing to TCP protocol, TCP:8000 but TCP is not the port we want to use as it only looks for a listening port and not that Splunk is running. As per Splunk previous answers on same issues, we did verified web.conf under /splunk_home/splunk/etc/system/default/web.conf for TLS1.2 version cyperSuite. it is exist in our splunk web.conf default path :- ciphers to cipherSuite: ECDHE-RSA-AES128-SHA sslVersions = tls1.2 cipherSuite = ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 ecdhCurves = prime256v1, secp384r1, secp521r1 we are seeing this issue on Splunk 6.6.3 ... View more

Why are we unable to access Splunk web GUI via Ama...

by in All Apps and Add-ons
‎10-03-2018 12:01 PM
1 Karma
‎10-03-2018 12:01 PM
1 Karma
We ran into an issue where we are unable to access Splunk web GUI using Amazon Web Services (AWS) Elastic Load Balancing (ELB) DNS name example:- http://ELB:PORT or https://ELB/en-US/account/login. Details:- Classic Load balancer and Splnk 6.6.3 version We are able to connect port 8000 when try with http;//IP:8000 but are unable to access GUI via ELB DNS name http://ELB:8000 . We deployed in VPC, enabled network Security group rules internally between ELB and EC2 instance. Below are the ELB configurations:- Ping Target:- HTTP:8000/en-US/account/login?return_to=%2Fen-US%2F Timeout: 10 seconds Interval: 30 seconds Un healthy threshold: 2 Healthy threshold: 10 Health check is "Inservice" — currently we are using only 1 Availability zone — Instance is healthy Listeners:- ELB -HTTP -8000- Instance protocol - HTTP -8000 Able to open GUI using IP - http://IP:8000 , but not able to access via ELB name. Do we need to make any changes to ELB configurations..? Is any one gone through this same issue, Appreciate your help. -> Also we tested by on enabling the HTTPS on web.conf enableSplunkWebSSL = true, Able to open GUI on Https://IP:PORT but not Https://ELB:PORT We are facing this issue even with HTTP Protocol. ELB-> HTTP ->8000 - Instance protocol- HTTP -> 8000 , Looking for recommended ways to configure ELB settings for HTTPS. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma from
View All