Unable to get SplunkWeb to use Port 80

rnadler · ‎01-05-2011

Using:

Splunk 4.1.6 build 89596
Windows Server 2008 R2
IIS not running - nothing bound to port 80

After I make the config change: $SPLUNK_HOME$\etc\system\local\web.conf contains:

[settings]
enableSplunkWebSSL = 0
httpport = 80

Restart both Splunkd and Splunkweb.

Splunkweb remains bound to port 8000, and works fine there.

Please advise on how to get Splunkweb to use port 80.

Thanks.

rnadler · ‎01-06-2011

Based on advice from Splunk support I first went to the command line:

> splunk show web-port
Web port: 80

This shows that the configuration is set correctly.

Next I restarted Splunk from the command line:

> splunk restart

After this completed Splunkweb was listening on port 80. Problem solved!

Reason this worked:

This was the first time Splunk was restarted from the command line. Up until then I had been restarting Splunkd and Splunkweb from the Services manager. I was doing that because restarting from the Web interface always got hung. This is probably a Windows restart issue that should be investigated.

sideview · ‎01-06-2011

Are you running splunk as an Administrator? If you're not I suspect that you wont be able to set the port to anything lower than 1024. (a windows thing, not really a splunk thing, except that maybe it's falling back to 8000 somehow.)

Are you able to set the port to 1025 successfully but not 1023 ? 9000?

gkanapathy · ‎01-06-2011

This is a restriction on Linux, but shouldn't matter on Windows.

Unable to get SplunkWeb to use Port 80

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases