All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

No Available Splunk Web Ports on AWS Instance

seandevo
Explorer
‎10-07-2014 05:44 PM

I am currently hosting an Amazon Linux OS (EC2) on AWS, which is the same service that Splunk U uses. After sucessfully downloading and installing Splunk as a root user and starting it up for the first time, I changed the IP address of the default IP to the Public IP address AWS EC2 provided by adding the following line to /opt/splunk/etc/splunk-launch.conf:

SPLUNK_BINDIP:111.222.333.444

I also changed the mgmt ip and port under /opt/splunk/etc/system/local/web.conf:

When I tried to ./splunk restart, I get the error message saying: "Checking http port [111.222.333.444:8000]: already bound. ERROR: The HTTP Port [8000] is already bound. Splunk needs to use this port.

Even if I change the Port, it gives me the same error (with the new port number).

I checked "netstat -anp" and there was no port shown to be bound to the instance.

On the AWS side, I configured the security group to allow inbound connetion to TCP 8000, 8089, 80, and 443. Still no luck.

Anyone have advice? Thanks

Best Regards,
Sean Devo, Systems Engineer
pm2NET

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

seandevo
Explorer
‎10-13-2014 03:06 PM

I figured out why the ports were not working. AWS already provides a public IP and public domain name that will work even though the original install of splunk will give it a private IP host.

Long story short, when installing Splunk and starting it up for the first time, your webUI can be accessed with: publicIP:8000 found on your AWS EC2 instance dashboard. No need for 'SPLUNK_BINDIP' command.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

seandevo
Explorer
‎10-13-2014 03:06 PM

I figured out why the ports were not working. AWS already provides a public IP and public domain name that will work even though the original install of splunk will give it a private IP host.

Long story short, when installing Splunk and starting it up for the first time, your webUI can be accessed with: publicIP:8000 found on your AWS EC2 instance dashboard. No need for 'SPLUNK_BINDIP' command.

0 Karma
Reply
Get Updates on the Splunk Community!

Detecting Remote Code Executions With the Splunk Threat Research Team

REGISTER NOWRemote code execution (RCE) vulnerabilities pose a significant risk to organizations. If ...

Observability | Use Synthetic Monitoring for Website Metadata Verification

If you are on Splunk Observability Cloud, you may already have Synthetic Monitoringin your observability ...

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

Tuesday, May 14, 2024  |  11AM PT / 2PM ET Register to Attend Join us for this Tech Talk and learn how to ...