TOC & Recently Viewed

Recently Viewed Topics

Configure the LCE Splunk Client

Note: All shell commands need to be executed by a user with root privileges.

Steps

To configure the Splunk Client, you can execute the set-server-ip.sh script and include the LCE Server IP address and port number as arguments, or execute the script and, when prompted, enter the IP address and port number individually.

Finally, you will need to authorize the LCE Splunk Client.

To execute the script using arguments:

  1. Type /opt/lce_splunk/set-server-ip.sh <IP> <Port>, where <IP> is the IP address of an LCE Server and <Port> is the port number assigned to the server. By default, the port number is 31300.

    The LCE Server IP address and port number are updated, and the LCE Splunk Client daemon is restarted.

    Example:

    # /opt/lce_splunk/set-server-ip.sh 192.168.22.11 31300

    Updating LCE Server IP from 172.26.20.66 to 192.168.11...

    Updating LCE Server Port from 31300 to 31300...

    Done

    Stopping LCE Splunk Client daemon                               [  OK  ]

    Starting LCE Splunk Client daemon                               [  OK  ]

To execute the script without arguments:

  1. Type /opt/lce_splunk/set-server-ip.sh

    You are prompted to enter the LCE Server IP address or hostname.

  2. Type the IP address or hostname of an LCE server.

    You are prompted to enter the LCE server port.

  3. Type the port number assigned to the server for LCE client communication. By default, the port number is 31300.

    The LCE Server IP address and port number are updated, and the LCE Splunk Client daemon is reset.

    Example:

    # /opt/lce_splunk/set-server-ip.sh

     

    Enter the new desired LCE server IP or hostname.

    >>

    192.168.22.11

     

     

    Enter the new desired LCE server port [31300].

    >>

    31300

    Updating LCE Server IP from 203.0.113.1 to 192.168.22.11...

    Updating LCE Server Port from 31300 to 31300...

    Done

    Stopping LCE Splunk Client daemon                               [  OK  ]

    Starting LCE Splunk Client daemon                               [  OK  ]

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.