Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk forwarder in EC2 not reaching the indexer

mirceaned
New Member
‎05-31-2018 04:43 PM

I've installed splunk forwarder inside a Docker container and when I use a local VM I am able to see the events coming in the Indexer page.
However, when deploying the container on an EC2 instance, there are 0 events being generated.
Is there any special configuration needed for EC2 case?

One difference I spotted in the logs is that the non working install had this additional line in splunkd.log file.
I could not find any other errors/warnings compared to the working case.
I cannot attach the full log because I don't have enough points.

05-31-2018 22:59:15.477 +0000 INFO TailReader - tailreader0 waiting to be un-paused

Tags (1)
0 Karma
Reply
Get Updates on the Splunk Community!

Splunk APM: New Product Features + Community Office Hours Recap!

Howdy Splunk Community! Over the past few months, we’ve had a lot going on in the world of Splunk Application ...

Index This | Forward, I’m heavy; backward, I’m not. What am I?

April 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

A Guide To Cloud Migration Success

As enterprises’ rapid expansion to the cloud continues, IT leaders are continuously looking for ways to focus ...