Deployment Architecture
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Encountered the following error while trying to save: In handler 'distsearch-peer': Status 401 while sending public key to search peer https://indexer:8089: Unauthorized

shariinPH
Contributor
‎03-05-2015 11:54 PM

HI,

I am getting a problem with regards with adding search peer in my search head
I'm getting this error

Encountered the following error while trying to save: In handler 'distsearch-peer': Status 401 while sending public key to search peer https://indexer:8089: Unauthorized

does anyone know why i am getting this error?

Cheers!

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

esix_splunk
Splunk Employee
Splunk Employee
‎03-06-2015 01:16 AM

It seems in your distributed environment, the user that you have configured distributed search with on the peer indexer has either been deleted or perhaps the password has changed.
Try to login to the indexer with your distributed search user and see if its successful. You can delete the search peer and re-add it in the Distributed Search configuration also.

View solution in original post

Reply
Solved! Jump to solution
Solution

esix_splunk
Splunk Employee
Splunk Employee
‎03-06-2015 01:16 AM

It seems in your distributed environment, the user that you have configured distributed search with on the peer indexer has either been deleted or perhaps the password has changed.
Try to login to the indexer with your distributed search user and see if its successful. You can delete the search peer and re-add it in the Distributed Search configuration also.

Reply
Solved! Jump to solution

lakshman237
Path Finder
‎05-18-2015 10:05 AM

Pls check if the connectivity from search head to indexer works [ by ping or telnet ip mgmt. port]. If there is a connectivity/network issue, we still get the same error. [ I assume you are entering correct admin password when configuring them]

0 Karma
Reply
Solved! Jump to solution

shariinPH
Contributor
‎03-07-2015 07:08 PM

hi esix_splunk, thanks for your answer but still its not working.. Status is still authentication failed.

0 Karma
Reply
Solved! Jump to solution

esix_splunk
Splunk Employee
Splunk Employee
‎03-08-2015 12:02 AM

Did you delete the search peer, and then recreate?

Also, have you validated that the user and password is valid on the indexer host?

Reply
Solved! Jump to solution

shariinPH
Contributor
‎03-15-2015 07:15 PM

Hi esix_splunk, we've figured it out.
The management port was changed.

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Data Persistence in the OpenTelemetry Collector

This blog post is part of an ongoing series on OpenTelemetry. What happens if the OpenTelemetry collector ...

Introducing Splunk 10.0: Smarter, Faster, and More Powerful Than Ever

Now On Demand Whether you're managing complex deployments or looking to future-proof your data ...

Community Content Calendar, September edition

Welcome to another insightful post from our Community Content Calendar! We're thrilled to continue bringing ...