We're running a demo install of Splunk Enterprise. It's running on a Windows server (2022).
I am trying to get my instance of Cisco Firepower e-streamer to get data into splunk. The instructions indicate I need to run a shell script that it located in the app folder. The only way I can imagine running this script is via SSH.
When I attempt to SSH to my splunk instance on port 22, my connection is refused. Anybody got any tips? This has got to be something easy that I am overlooking.
THANKS!
--Dan
I understand the UI port is 8000. I am having no issue operating the GUI. I need CLI access. I have seen some comments on forums indicating Splunk does use the default port 22 for SSH access.
I don't understand, I typed this previous response. I don't know why it says "sakeleo213" is the individual who posted it.
Splunk does not use port 22. The Splunk UI is on port 8000.
Please share a link to the app you are trying to use.
Scripts in apps usually are run as a scripted or modular input rather than running them manually from a shell.
I understand the UI port is 8000. I am having no issue operating the GUI. I need CLI access. I have seen some comments on forums indicating Splunk does use the default port 22 for SSH access.
The app I am trying to use is seen here:
https://splunkbase.splunk.com/app/3662
There is even a video in the link above showing CLI input/manipulation of the config file.
THANKS!
Thanks for the link. It helps clarify the question.
As it turns out, that app does not support Windows.
CLI access to Splunk is managed by the operating system. Connect to the server as you normally do then launch a command prompt.
Turns out this app isn't meant to be run on a Windows Splunk install. Linux install is being setup now.