Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Why am I unable to add UDP port 162 as a data source?

rgrace110
New Member
‎11-26-2014 11:02 AM

When I try to add port 162 UDP I cannot add it. I uninstalled Splunk, rebooted and reinstalled with no luck. Netstat -a shows Splunk listening but I cannot get data as it will not allow me to add the data source. Help please.

Tags (3)
0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎11-26-2014 11:31 AM

Are you running as root? You have to be running as root to listen on a port below 1024. See this topic in the Getting Data In manual.

Reply

rgrace110
New Member
‎11-27-2014 06:22 AM

How can I verify that. The user is a domain admin and should.

0 Karma
Reply

rgrace110
New Member
‎11-26-2014 12:35 PM

I am doing this simply from the Windows interfaces

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎11-26-2014 12:39 PM

Okay, just to confirm, then: does the user you are running Splunk Enterprise as have access to port 162?

0 Karma
Reply
Get Updates on the Splunk Community!

Enhance Your Splunk App Development: New Tools & Support

UCC FrameworkAdd-on Builder has been around for quite some time. It helps build Splunk apps faster, but it ...

Prove Your Splunk Prowess at .conf25—No Prereqs Required!

Your Next Big Security Credential: No Prerequisites Needed We know you’ve got the skills, and now, earning the ...

Splunk Observability Cloud's AI Assistant in Action Series: Observability as Code

This is the sixth post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how to ...