3. For some reasons, splunk PID remained hanged, so manually remove pid file from under "/opt/splunkforwarder/var/run/splunk" and start splunk.
4. This time everything fine and log files are splunked.
Saturday, August 20, 2016
Splunk forwarder not working
1. Logs are not splunk despite splunk showing as running:
2. Looking at the PID 13223, there is nothing specific to splunk running at this PID.
3. For some reasons, splunk PID remained hanged, so manually remove pid file from under "/opt/splunkforwarder/var/run/splunk" and start splunk.
4. This time everything fine and log files are splunked.
3. For some reasons, splunk PID remained hanged, so manually remove pid file from under "/opt/splunkforwarder/var/run/splunk" and start splunk.
4. This time everything fine and log files are splunked.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment