Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Why am I unable to add UDP port 162 as a data source?

rgrace110
New Member
‎11-26-2014 11:02 AM

When I try to add port 162 UDP I cannot add it. I uninstalled Splunk, rebooted and reinstalled with no luck. Netstat -a shows Splunk listening but I cannot get data as it will not allow me to add the data source. Help please.

Tags (3)
0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎11-26-2014 11:31 AM

Are you running as root? You have to be running as root to listen on a port below 1024. See this topic in the Getting Data In manual.

Reply

rgrace110
New Member
‎11-27-2014 06:22 AM

How can I verify that. The user is a domain admin and should.

0 Karma
Reply

rgrace110
New Member
‎11-26-2014 12:35 PM

I am doing this simply from the Windows interfaces

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎11-26-2014 12:39 PM

Okay, just to confirm, then: does the user you are running Splunk Enterprise as have access to port 162?

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...