- Splunk Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- Re: "Exception - com.splunk.mr.JobStartException: ...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I just moved my whole dashboard to production environment but when I tried to test using a search string, following exception and error occur:
2 errors occurred while the search was executing. Therefore, search results might be incomplete. Hide errors.
•[hdfsprovider] Error while running external process, return_code=255. See search.log for more info
•[hdfsprovider] Exception - com.splunk.mr.JobStartException: Failed to start MapReduce job. Please consult search.log for more information. Message: Failed to create Hunk directories due to permission denied. Please make sure you have write permission to the directory specified by vix.splunk.home.hdfs in your provider
**********Search
index="my_index" | stats count(eval( OverallAvgNetworkMOS < 3.5 OR Stream_1_JitterInterArrival > 30 OR Stream_2_JitterInterArrival > 30 OR Stream_1_RoundTrip > 500 OR Stream_2_RoundTrip > 500 OR Stream_1_PacketLossRate>0.1 OR Stream_2_PacketLossRate>0.1)) AS bad_call count(eval(OverallAvgNetworkMOS >= 3.5)) AS good_call | transpose
I checked other posts related to error but could not find a suitable solution. Is this knida search related to config?
Does anyone know how these two can happen? How do I fix this? Thanks a lot!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Are you using Hunk ? To me it looks like its a permissions issue with virtual index - check this out https://docs.splunk.com/Documentation/Hunk/6.4.10/Hunk/Setupavirtualindex
Have you checked search.log ?
Does it only do it when you run that specific search, or any search ?
Are your DEV and PROD environments using the same architecture/setup ?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Are you using Hunk ? To me it looks like its a permissions issue with virtual index - check this out https://docs.splunk.com/Documentation/Hunk/6.4.10/Hunk/Setupavirtualindex
Have you checked search.log ?
Does it only do it when you run that specific search, or any search ?
Are your DEV and PROD environments using the same architecture/setup ?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
thanks for ur response. Turns out it's the setup issue. System team helped fix it.
Troubleshooting the OpenTelemetry Collector
Adoption of Infrastructure Monitoring at Splunk
Modern way of developing distributed application using OTel
