Bind Splunk to an IP
By default, the Splunk Enterprise services are bound to IP address 0.0.0.0, meaning all available IP addresses on the host machine. You can force Splunk Enterprise to bind all service ports to a specified IP address.
Changing the IP address only applies to the Splunk daemon (splunkd) services, which are:
- TCP port 8089 (by default)
- And any port that has been configured as for:
- SplunkTCP inputs
- TCP or UDP inputs
To bind the Splunk Web process (splunkweb) to a specific IP, use the
server.socket_host setting in web.conf.
Temporarily change the IP address
To make this a temporary change, use the environment variable
SPLUNK_BINDIP=<ipaddress> to set an IP address before starting Splunk Enterprise services.
Permanently change the IP address
To permanently change the default IP address for a host machine, update the
$SPLUNK_HOME/etc/splunk-launch.conf to include the
SPLUNK_BINDIP attribute and
For example, to bind Splunk ports to 127.0.0.1 (for local loopback only),
splunk-launch.conf should read:
# Modify the following line to suit the location of your Splunk install. # If unset, Splunk will use the parent of the directory this configuration # file was found in # # SPLUNK_HOME=/opt/splunk SPLUNK_BINDIP=127.0.0.1
mgmtHostPort attribute in
web.conf has a default value of
0.0.0.0:8089. If you use
SPLUNK_BINDIP to enforce a different IP address, you must also change
mgmtHostPort to use the same IP address.
For example, if you change the
you must also change the
web.conf to IP address to match:
See web.conf for more information on the
mgmtHostPort setting in web.conf accepts IPv6 addresses if they are enclosed in square brackets. If you configure splunkd to only listen on IPv6, you must update the
mgmtHostPort to use
[::1]:8089 instead of
127.0.0.1:8089. See "Configure Splunk for IPv6".
Change default values
Configure Splunk Enterprise for IPv6
This documentation applies to the following versions of Splunk® Enterprise: 7.2.0, 7.2.1, 7.2.2, 7.2.3, 7.2.4, 7.2.5, 7.2.6, 7.2.7, 7.2.8, 7.2.9, 7.2.10, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, 7.3.5, 7.3.6, 7.3.7, 7.3.8, 7.3.9, 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4, 8.0.5, 8.0.6, 8.0.7, 8.0.8, 8.0.9, 8.0.10, 8.1.0, 8.1.1, 8.1.2, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.1.8, 8.1.9, 8.1.10, 8.1.11, 8.2.0, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 8.2.5, 8.2.6, 8.2.7, 8.2.8, 9.0.0, 9.0.1