Are there other conf files I should not have copied over?ģ. Where is that IP value coming from in the search head error?Ģ. However, now I am getting the two errors I mentioned above.ġ. Tried restarting again, and splunk came up Commented out the sslKeysfilePassword in nfħ. Thought it might be because I copied over the server.pem, so I restored the backup.Ħ. When trying to restart splunk, The Waiting for web server at to be available. Copied over the following conf files from a previously running Indexer: server, alert_actions, authentication, authorize, props, transforms, webĤ. Created the linux Machine and installed 6.4 enterprise on itĢ. Error=http client error=Connection refused, while trying to reach ġ. These are just random IP values I replaced the real ones with for sample purposes): Failed to add peer 'guid=CA7694EA-40EE-4B40-8506-DAFD18BCAB2E server name=ip-99-8-321-101 ip=99.0.4.23:8089' to the master. The splunkd_access.log does not have much useful info that I can see.Īnother strange thing is the warning on the search head lists an IP value that does not exist for this new indexer, and I have no idea where it got that IP from (server IP should match what is in name. Check var/log/splunk/splunkd_access.log on the peer Peer may be over subscribed or misconfigured.
The error I get in Distributed Search > Search Peers on the search head is: Error Failed 12 out of 11 times.REST interface to peer is taking longer than 5 seconds to respond on https. I have attempted to add the first one, but it is not working. Our current setup is a search head and two indexers using replication.
I am trying to add two more indexers to our current Splunk setup.
0 kommentar(er)
