All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Can't access Splunk web console

jmspbooth
New Member
‎05-05-2018 10:49 AM

So I have Splunk Community deployed on a micro instance of CentOS 7 on google cloud platform.

  • GDP Firewall has 8000 open to all instances from everywhere.
  • CentOS machine has 8000 TCP and UDP open on firewall-cmd.
  • Splunk is running with a non-root user
  • Opened connections from http and https
  • Tried changing the port to 7000 and making the other changes and it is still not available.
  • Tried using multiple browsers will no effect.
  • Confirmed that splunk is running and listening on port 8000

Working with GCP helpdesk as well since the DNS entry isn't working either so I am using the external IP directly. Its been about 24 hours so any latency between networking updates should have happened by now.

0 Karma
Reply

jmsbooth
New Member
‎05-08-2018 02:41 PM

Here are the configs requested.

firewall-cmd
trusted (active)
target: ACCEPT
icmp-block-inversion: no
interfaces: eth0
sources:
services:
ports: 8000/tcp 8000/udp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:

Google Cloud
splunk-allow
Network
default
Priority
1000
Direction
Ingress
Action on match
Allow
Targets
Target tags
splunk
Source filters
IP ranges
0.0.0.0
Protocols and ports
tcp:8000
udp:8000
tcp:8191
udp:8191
tcp:8089
udp:8089
Enforcement
Enabled

0 Karma
Reply

highsplunker
Contributor
‎04-15-2020 12:48 PM

i too could not access my splunk wer from home browser, but my problem was precisely in GCP firewall rules: be careful with you filters (labes, masks, etc.) - there is not difficulty there, actually. have a nice day.

0 Karma
Reply

koshyk
Super Champion
‎05-08-2018 12:43 AM

can u paste the settings of
- firewall-cmd list output
- Firewall settings for GCP for the open port 8000

0 Karma
Reply
Get Updates on the Splunk Community!

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

Take a look below to explore our upcoming Community Office Hours, Tech Talks, and Webinars this month. This ...

They're back! Join the SplunkTrust and MVP at .conf24

With our highly anticipated annual conference, .conf, comes the fez-wearers you can trust! The SplunkTrust, as ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...