Splunk Dev
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

data not going to splunk

tiongjss1
Engager
‎02-05-2013 10:46 PM

Hi, I am relatively new on this, and I am having a problem right now.

When I run the twitted system from the python sdk, there seems to be no data being pushed into splunk.

It seems that the input.py is always stuck on the "initializing splunk" area.

My TCP port for both splunkrc and input.py are both 9002. Am I doing something wrong? Please tell me. Thank you.

0 Karma
Reply

Neeraj_Luthra
Splunk Employee
Splunk Employee
‎02-05-2013 11:16 PM

The twitted example reads .splunkrc to build a URL to Splunk's management port to write data into Splunk. I am assuming you are running Splunk on the default ports, i.e. 8000 for web and 8089 for management. If so, to run this example, your .splunkrc should have the management port listed, i.e. 8089.

Reply

Neeraj_Luthra
Splunk Employee
Splunk Employee
‎02-08-2013 12:42 PM

This is resolved. A clean refresh of the SDK examples and .splunkrc solved the problem.

0 Karma
Reply

Neeraj_Luthra
Splunk Employee
Splunk Employee
‎02-06-2013 06:58 PM

Do you have anything running on your machine on port 9001? Email me so I can work with you offline and we can then post the resolution here.

0 Karma
Reply

tiongjss1
Engager
‎02-06-2013 06:21 PM

Thank you for replying. The problem has now been oddly changed to "HTTP 400 Bad Request--In handler 'raw' : Parameter name:TCP Port 9001 not available". Is it the same thing or is it different?

0 Karma
Reply

Neeraj_Luthra
Splunk Employee
Splunk Employee
‎02-06-2013 10:15 AM

If you can undo all your changes to the input.py and make sure your .splunkrc looks something like this:

scheme=https

host=localhost

port=8089

username=admin

password=changeme

Then from the root of the Python SDK, run this command with no extra arguments
python examples/twitted/input.py
If this doesn't work, provide the output from this command.

0 Karma
Reply

Neeraj_Luthra
Splunk Employee
Splunk Employee
‎02-05-2013 11:36 PM

Yes, you should be able to. Make sure that Splunk is indeed running on that port and you can hit https://localhost:8089 from the browser or command line (using curl)? Also, can you post the entire error you are getting?

0 Karma
Reply

tiongjss1
Engager
‎02-05-2013 11:25 PM

Thank you for your quick reply. I tried what you suggested, however, I have the error "HTTP 400 Bad Request--In handler 'raw' : Parameter name:TCP Port 8089 not available"

Another question: are we able to list more than one port in the system?

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...