Hello,
I'm following the steps here:
https://docs.splunk.com/Documentation/Splunk/9.0.1/Installation/InstallonLinux#Next_steps
After installing and starting the service, I'm of course unable to access port 8000 to access the web interface because the system firewall is blocking connections. Besides port 8000, what other ports should I open through the firewall and why isn't this documented on the above page?
If anyone has a link to splunk documentation about the ports used, please let me know. I've seen lots of splunk community answers showing different ports, but others say they are user-defined. Like port 9997 for the forwarder to send data to the splunk server... I haven't configured that yet (it wasn't in the above documentation).
I see that my splunk server is currently listening on ports 8000, 8089, and 8191, according to the output of "sudo ss -tunlp"
tcp LISTEN 0 128 0.0.0.0:8089 0.0.0.0:* users:(("splunkd",pid=1806,fd=4)) tcp LISTEN 0 128 0.0.0.0:8191 0.0.0.0:* users:(("mongod",pid=2285,fd=9)) tcp LISTEN 0 128 0.0.0.0:8000 0.0.0.0:* users:(("splunkd",pid=1806,fd=100))
I tried opening a support case, but apparently I can't do that either. I'm really not sure where to ask this question, or who to ask in order to get the installation documentation updated.
If I should post this somewhere else, please let me know.
Thank you,
Jonathan
... View more