Installation
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Why is connection being refused in my attempt to SSH to Splunk instance on port  22?

dankgus
Explorer
‎05-15-2023 10:27 AM

We're running a demo install of Splunk Enterprise.  It's running on a Windows server (2022).

I am trying to get my instance of Cisco Firepower e-streamer to get data into splunk.  The instructions indicate I need to run a shell script that it located in the app folder. The only way I can imagine running this script is via SSH.

When I attempt to SSH to my splunk instance on port  22, my connection is refused.  Anybody got any tips?  This has got to be something easy that I am overlooking.

THANKS!
--Dan

Labels (2)
Labels
0 Karma
Reply

sakeleo213
New Member
‎05-15-2023 02:35 PM

I understand the UI port is 8000. I am having no issue operating the GUI. I need CLI access.  I have seen some comments on forums indicating Splunk does use the default port 22 for SSH access.

0 Karma
Reply

dankgus
Explorer
‎05-16-2023 02:20 PM

I don't understand, I typed this previous response. I don't know why it says "sakeleo213" is the individual who posted it.

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎05-15-2023 11:11 AM

Splunk does not use port 22.  The Splunk UI is on port 8000.

Please share a link to the app you are trying to use.

Scripts in apps usually are run as a scripted or modular input rather than running them manually from a shell.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply

dankgus
Explorer
‎05-15-2023 11:19 AM

I understand the UI port is 8000. I am having no issue operating the GUI. I need CLI access.  I have seen some comments on forums indicating Splunk does use the default port 22 for SSH access.

The app I am trying to use is seen here:

https://splunkbase.splunk.com/app/3662

There is even a video in the link above showing CLI input/manipulation of the config file.

THANKS!

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎05-15-2023 01:38 PM

Thanks for the link.  It helps clarify the question.

As it turns out, that app does not support Windows.

CLI access to Splunk is managed by the operating system.  Connect to the server as you normally do then launch a command prompt.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply

dankgus
Explorer
‎05-15-2023 01:22 PM

Turns out this app isn't meant to be run on a Windows Splunk install. Linux install is being setup now.

dankgus_0-1684182103292.png

 

Reply
Get Updates on the Splunk Community!

Join Us for Splunk University and Get Your Bootcamp Game On!

If you know, you know! Splunk University is the vibe this summer so register today for bootcamps galore ...

.conf24 | Learning Tracks for Security, Observability, Platform, and Developers!

.conf24 is taking place at The Venetian in Las Vegas from June 11 - 14. Continue reading to learn about the ...

Announcing Scheduled Export GA for Dashboard Studio

We're excited to announce the general availability of Scheduled Export for Dashboard Studio. Starting in ...