Deployment Architecture

Error starting splunk forwarder in linux machine

sumanth_isac
Path Finder

/splunkforwarder/bin/splunk start

Splunk> Be an IT superhero. Go home early.

Checking prerequisites...
Checking mgmt port [8089]: open

Message from syslogd@domU-12-31-39-09-1A-F4 at Mar 18 06:19:07 ...
kernel:[244050.110672] alignment check: 0000 [#18] SMP

Message from syslogd@domU-12-31-39-09-1A-F4 at Mar 18 06:19:07 ...
kernel:[244050.110806] Stack:

Message from syslogd@domU-12-31-39-09-1A-F4 at Mar 18 06:19:07 ...
kernel:[244050.110835] Call Trace:

Message from syslogd@domU-12-31-39-09-1A-F4 at Mar 18 06:19:07 ...
kernel:[244050.110950] Code: 03 00 00 48 b8 fb 0f 00 00 00 c0 ff ff 48 21 f8 48 83 f8 63 0f 85 25 03 00 00 48 8b 7d 98 4d 89 f7 4d 89 ee 48 8b 3f 48 89 7d b8 <48> c7 45 c4 00 00 00 00 c7 45 cc 00 00 00 00 49 8b 3f ff 14 25

Message from syslogd@domU-12-31-39-09-1A-F4 at Mar 18 06:20:46 ...
kernel:[244149.392331] alignment check: 0000 [#19] SMP

Tags (1)
0 Karma

gajananh999
Contributor

Dear Stefano,

I have reinstalled it but this is not the proper solution right if i do mistake in configuring then everything will go right. Any other method to resolve this problem. Or is the problem because we are using the amazon ec2

0 Karma

stefano_guidoba
Communicator

Errors like yours point to a wrong configuration of your Splunk instance.
Try, like the other user, to reinstall it and change one configuration file at a time to see what's causing this mess.

Regards,
Stefano

0 Karma

gajananh999
Contributor

Dear All

Whenever i am trying to start a splunk i am getting this error

/opt/splunk/bin/splunk start

Splunk> 4TW

Checking prerequisites...
Checking http port [8000]: open
Checking mgmt port [8089]: open
Checking configuration... Done.
Checking indexes...
Validated databases: _audit _blocksignature _internal _thefishbu cket history main summary
Done

Message from syslogd@domU-12-31-39-09-1A-F4 at Mar 25 10:27:59 ...
kernel:[863781.863528] alignment check: 0000 [#40] SMP

Message from syslogd@domU-12-31-39-09-1A-F4 at Mar 25 10:27:59 ...
kernel:[863781.863662] Stack:

Message from syslogd@domU-12-31-39-09-1A-F4 at Mar 25 10:27:59 ...
kernel:[863781.863690] Call Trace:

Message from syslogd@domU-12-31-39-09-1A-F4 at Mar 25 10:27:59 ...
kernel:[863781.863792] Code: 03 00 00 48 b8 fb 0f 00 00 00 c0 ff ff 48 21 f8 48 83 f8 63 0f 85 25 03 00 00 48 8b 7d 98 4d 89 f7 4d 89 ee 48 8b 3f 48 89 7d b8 < 48> c7 45 c4 00 00 00 00 c7 45 cc 00 00 00 00 49 8b 3f ff 14 25

0 Karma

sumanth_isac
Path Finder

Yes i reinstalled and it worked properly. Still the reason for problem is Dark.

0 Karma

stefano_guidoba
Communicator

have you messed up with Splunk configuration files?
This error message is not very explanatory.

Get Updates on the Splunk Community!

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

Take a look below to explore our upcoming Community Office Hours, Tech Talks, and Webinars this month. This ...

They're back! Join the SplunkTrust and MVP at .conf24

With our highly anticipated annual conference, .conf, comes the fez-wearers you can trust! The SplunkTrust, as ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...