Why am receiving a free license violation after up...

sazv · ‎09-16-2014

I just upgraded to 6.1.3, and now I am receiving a license violation. Looking at the past 30 days, I have never gone above 200MB/day, and only once touched 30% of daily license quota. I have one pool warning and one pool violation, with a "correct by midnight" message. Today's percentage of license quota sits at slightly over 10% as I type.

Any ideas?

grijhwani · ‎09-16-2014

One problem that I faced when first using the free licence was that Splunk was indexing (and more to the point re-indexing after rotation) its own log files. This meant that there was growing input day-on-day. When using an Enterprise licence this problem never becomes apparent, because the Splunk logs are a tiny drop in the ocean, but when using the free licence it can take a significant bite out of the available throughput.

jsundberg_splun · ‎10-09-2014

Splunk's internal logs do not count against the license (free or Enterprise).

sazv · ‎09-17-2014

Very strange. Today the license violation was downgraded to a warning, and everything is otherwise working.

Why am receiving a free license violation after upgrade to 6.1.3 and have never gone above 200MB/day?

license

upgrade

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!