attack_data
specify data must exist on actual Splunk server
I got tripped up and was digging through the code to find out why it was failing. I was running this on my laptop and pointing it to an EC2 Splunk server. I figured out that, I believe, these commands are supposed to be run on the actual Splunk server, so I ssh'd in and it worked.
This is my first time, so if this is incorrect please don't merge, but hopefully this helps someone else who comes behind and may try to populate data into a remote Splunk server (which didn't work for me).
It should work across remote servers; it just connects via 8089. Maybe the FW did not have that port publicly open, @fryguy04?
Yes, verified (via nmap) port 8089 is open. Just tried it again and am getting this error from my laptop (remote machine). Note that when I do this from the Splunk server (ssh'd in) it works. Any ideas what's going on?
splunklib.binding.HTTPError: HTTP 400 Bad Request -- unable to open file
I verified the file is readable/accessible via Python (I read out the first line). I chmod'ed it 777 just in case, no luck.
Yes, it looks like we need this to run locally where the Splunk server is running. The instructions look good! Thank you @fryguy04