Solved: Why can't I bump Splunk using https:///en-US/_bump...

fdarrigo · ‎04-05-2016

I am trying to bump a local Splunk instance using : https:///en-US/_bump
but I receive the following:

<response> <messages> <msg type="ERROR">Forbidden</msg> </messages> </response>

This looks like an authentication/authorization error.
I am running Splunk 6.4 (Free license)

What am I doing wrong?

jeffland · ‎04-06-2016

The free license supports neither _bump nor debug/refresh. You'll have to restart your server, as you already noted.

ppuru · ‎01-07-2017

Note that you also have to login before you attempt a successful bump.

jeffland · ‎04-06-2016

The free license supports neither _bump nor debug/refresh. You'll have to restart your server, as you already noted.

Rocket66 · ‎04-05-2016

try to got to en-US/info an hit the "Static resource cache control" - same error?
try to hit (on the same page ) "EAI object refresh"

btw.: Admin rights?

fdarrigo · ‎04-05-2016

I found a work around...
Settings>Server Controls>Restart Splunk

fdarrigo · ‎04-05-2016

same results for

en-US/info an hit the "Static resource cache control" - same error?
AND
try to hit (on the same page ) "EAI object refresh"

Since this is the free version, it doesnt support user accounts or roles, so I can't explicitly add myself to a splunk admin role.

Why can't I bump Splunk using https:///en-US/_bump and get error message "Forbidden"?