Hi
I am trying to connect to Splunk API from a different VM.
My API command works when I run this as localhost to the search head VM. If I replace localhost with the IP or VM name of search head, and try to run curl, it won't connect.
Telnet to 8089 port says connection refused
splunksrch01:/tmp # curl -k -u user:pwd -d "search=search host=pc* earliest=-1h@h | chart count by host" https://localhost:8089/services/search/jobs/
Above command works if on search head.
But if run this from another VM by replacing localhost
with search head IP
, it won't work:
curl -k -u user:pwd -d "search=search host=pc* earliest=-1h@h | chart count by host" https://XX.XX.XX.XX:8089/services/search/jobs/
curl: (7) couldn't connect to host
Pls help
Is it because 8089 port is not opened? or something else?
Correct you're going to want to make sure there is a route from that VM to the Splunk Search Head and that port 8089 is opened on the Search Head. If you can't telnet on that port, than you have some sort of networking issue going on.