Hi
I'm configure an OPSEC LEA object on Splunk and I see the following error:
How can I solve it? The IP addresses are from the CheckPoint manager.
... View more
Hello, Thanks for your Answer
I'm trying to join Splunk from another system.
At the connectivity level, I have an answer when I ping from the system.
This is the result of iptables command:
[root@localhost /]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
... View more
I have a Search Head Splunk running and I can not see the web interface of this, however when reviewing the settings I can see that the service is running and I do not see problems at port 8000 level. This machine is a Centos 7.
[root@localhost bin]# ./splunk status
splunkd is running (PID: 3206).
splunk helpers are running (PIDs: 3207 3276 3374 3586 3593 3933 3938 3946 3952 3967 3969 3991 4006 4035 4038 4067 4087 4132 4216 4245 4289 19936 21863 29673 31326 37186 37220 38675 38761 39270 39273 39276 39284 40312).
[root@localhost bin]#
[root@localhost ~]# netstat -anpt |grep -e 8000
tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN 3206/splunkd
tcp 0 1 10.10.9.50:8000 192.168.150.28:47232 FIN_WAIT1 -
tcp 0 0 10.10.9.50:8000 10.10.12.232:65198 ESTABLISHED 3206/splunkd
tcp 0 0 10.10.9.50:8000 192.168.150.28:47946 ESTABLISHED 3206/splunkd
tcp 0 1 10.10.9.50:8000 192.168.150.28:47172 FIN_WAIT1 -
tcp 0 0 10.10.9.50:8000 192.168.150.28:48044 ESTABLISHED 3206/splunkd
[root@localhost ~]# firewall-cmd --list-all
FirewallD is not running
... View more