Splunk server ip = 192.168.153.139
Forwarder IP = 192.168.153.133
/opt/splunkforwarder/bin/splunk cmd /opt/splunkforwarder/etc/apps/Splunk_TA_nix/bin/setup.sh
Im trying to install Splunk for unix and linux on Forwarder . When i do this
*** Splunk> nix command-line setup > REMOTE LOGIN **
Please enter the full URI for the
remote server
for example,
'https://remotehost:8089'
Enter URI: http://192.168.153.139:8089
connecting to the remote server
'http://192.168.153.139:8089'
enter your credentials to the remote
server below:
Splunk username: admin Password: Login
failed Login Failed
remote login failed
Press Enter to continue
Still i continued and it gave me multiple options
*** Splunk> nix command-line setup > MAIN MENU **
You are currently managing Splunk server 'rhel-test'
Please choose from one of the following options:
1 - show *nix input status
2 - manage *nix inputs
3 - install/upgrade app
4 - change credentials
5 - connect to remote instance
0 - logout and exit program
Enter selection:
i selected 2 . and it gave me more options
*** Splunk> nix command-line setup > MANAGE INPUTS **
You are currently managing Splunk server 'rhel-test'
Please choose from one of the following options:
1 - manage one input
2 - enable all inputs
3 - disable all inputs
4 - go back to main menu
0 - logout and exit program
Enter selection:
Again i selected 2 and accepted. But this time it slapped me with this error
enabling /Library/Logs
enable failed
enabling ~/Library/Logs
enable failed
enabling /var/log
enable failed
enabling /var/adm
enable failed
enabling /etc
enable failed
What im doing wrong. any suggestion .....
what password are you using?
If it's the default "changeme" then you need to change the password before the API is able to be managed remotely. So if its "changeme", log onto that forwarder and change the password to something else.
./splunk edit user admin -password 'v3rySecur3!' -role admin -auth admin:changeme
I change the default password. Still not working.
Have the same problem as umustafa_1985
Do you have any special shell characters in your password like $? If so you have to escape them with a \
For example. pa$$w'rd would become pa\$\$w\'rd
Hi, you didnt specify https, but http instead. It should be https as per the example:
Please enter the full URI for the
remote server
for example,
'https://remotehost:8089'
Enter URI:
You gave it this: http://192.168.153.139:8089
yes, also tried that. even though Splunk server is running on http. But in this from CLI i tried https that reply came LOGIN FAILED.....