Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

We have an app on a server for which we want to send logs to splunk.

samqadir
New Member
‎04-30-2018 09:56 PM

We have an app on a server for which we want to send logs to splunk. The splunk host is listening on 9997 while our server is sending data via inconsistent ports. We want to make splunk forwarder to use 9997 to send data to splunk host server.

LocalAddress LocalPort RemoteAddress RemotePort State AppliedSetting OwningProcess
XXXXXXXXX.13 65518(This changes) XXXXXXXXXXXX 9997 Established Internet splunkd.exe

Please help what we need to do so that the local port is listening to forwarders on 9997 to send data to host on their 9997 port.

Tags (1)
0 Karma
Reply

xpac
SplunkTrust
SplunkTrust
‎05-01-2018 06:22 AM

The Port used to initiate a connection from is random for several reasons, and this behaviour is common practice.

Splunk doesn't offer a config parameter to change this, and (if I remember correctly) is behavior determined on a lower level (C library/operating system).

I can't think of a good reason to force this to be a fixed port - maybe you can explain why you want to do this? Maybe we can find an alternative, or there is simply a misunderstanding in how this is supposed to work?

0 Karma
Reply
Get Updates on the Splunk Community!

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...

WATCH NOWAs AI starts tackling low level alerts, it's more critical than ever to uplevel your threat hunting ...

Splunk APM: New Product Features + Community Office Hours Recap!

Howdy Splunk Community! Over the past few months, we’ve had a lot going on in the world of Splunk Application ...

Index This | Forward, I’m heavy; backward, I’m not. What am I?

April 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...