In order to still be able to access Splunk via HTTP (TCP/IP port 80) or HTTPS (TCP/IP port 443) the SMF manifest I originally wrote needed to be modified to allow the splunk user to open TCP/IP ports less than 1024. This was achieved by adding the “net_privaddr” privilege to the method context in the manifest. The manifest also had to be changed so that Splunk no longer bound sockets to the loop-back address only and was directly accessible.
Once you have loaded this manifest and started Splunk you must initially connect to your splunk server via the web interface and configure it to listen on TCP/IP port 80 or enable SSL and have it listen on TCP/IP port 443. Then restart the service with “
svcadm restart splunk”.
Download the complete Splunk SMF manifest. Note that it can be used with both the free and enterprise versions of Splunk.