Installation

Why am I getting a 500 error switching to Splunk Free from the trial license (CentOS 7)?

rvencu
Path Finder

I installed the Splunk trial on CentOS 7. It worked fine for a week, then I decided to switch it to free. After the restart, I saw the update screen then error 500. Rebooting does not help...

Labels (2)
1 Solution

rvencu
Path Finder

I solved my own issue. In server.conf this line must appear like this:

allowRemoteLogin=always

View solution in original post

rvencu
Path Finder

I solved my own issue. In server.conf this line must appear like this:

allowRemoteLogin=always

kimikoyan
Explorer

I have the same issue but I can't solve it via your solution. I tried v7.1.0 and v6.5.1 and both have the issue when I update the license from download-trial to free.

My server is not allowed to connect to internet. Does it matter ?

0 Karma

atif_sdq
New Member

Thank you rvencu. Worked like a charm.

0 Karma

rvencu
Path Finder

I changed back the licence group in server.conf to download-trial and it works again as before. Still I expect when the trial expires that the free license will break the installation again.

0 Karma

renjith_nair
SplunkTrust
SplunkTrust

What's your splunk log says ?

Happy Splunking!
0 Karma

rvencu
Path Finder

web_access.log

127.0.0.1 - - [07/Jul/2016:23:18:38.570 +0300] "GET /en-US/ HTTP/1.1" 500 2977 "https://sp.dentfix.ro:8000/en-US/" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36" - 577eb91e917f2cb4842610 32ms

in web_service.log these lines keep repeating

2016-07-07 23:18:38,585 ERROR   [577eb91e917f2cb4842610] startup:96 - Unable to read in product version information; [HTTP 401] Client is not authenticated
2016-07-07 23:18:38,599 INFO    [577eb91e917f2cb4842610] _cplogging:55 - [07/Jul/2016:23:18:38] HTTP 
Request Headers:
  COOKIE: cookie_notice_accepted=true; splunkd_8000=EjhJKNKwSOoOe659UPnlnmJNyoqrEnB1LUu6bzM^Est8E77951iaGKkFkphP7xvLMfhD9Bhm_GSZzFKVi8eQO7_IL0CUj7mEb7^lsmf4D4Hhk5p1ygJxFbaa3tVhwpBZNN; splunkweb_csrf_token_8000=609924465883822080; _icl_current_language=ro; wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_7b441673ec83a47676d72ae556df3b29=rvencu%7C1468095508%7C3why7OpyGCt4EoHOyDiCgKHdJ4THWzqwR37jEEtCDTM%7C286484cd4c8f6e6d3c0c3c925f2a185dc0c48014c92cee6408ef9e4e4f2866df; sp_identify=rvencu; session_id_8000=9890eeae3f684b4e0ac683f26f0d4bf87dd0555b
  ACCEPT-ENCODING: gzip
  X-SPLUNKD: 5IHdRMq41eh52M2lCFUMrg== 609924465883822080 EjhJKNKwSOoOe659UPnlnmJNyoqrEnB1LUu6bzM^Est8E77951iaGKkFkphP7xvLMfhD9Bhm_GSZzFKVi8eQO7_IL0CUj7mEb7^lsmf4D4Hhk5p1ygJxFbaa3tVhwpBZNN 0
  ACCEPT-LANGUAGE: en-US,en;q=0.8,de;q=0.6,es;q=0.4,hu;q=0.2,ro;q=0.2
  ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
  TE: chunked
  USER-AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
  Remote-Addr: 127.0.0.1
  UPGRADE-INSECURE-REQUESTS: 1
  HOST: xxx:8000
  REFERER: https://xxx:8000/en-US/
  REMOTE-USER: admin
2016-07-07 23:18:38,599 DEBUG   [577eb91e917f2cb4842610] _cplogging:55 - [07/Jul/2016:23:18:38] HTTP Traceback (most recent call last):
  File "/opt/splunk/lib/python2.7/site-packages/cherrypy/_cprequest.py", line 606, in respond
    cherrypy.response.body = self.handler()
  File "/opt/splunk/lib/python2.7/site-packages/cherrypy/_cpdispatch.py", line 25, in __call__
    return self.callable(*self.args, **self.kwargs)
  File "", line 1, in 
  File "/opt/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 38, in rundecs
    return fn(*a, **kw)
  File "", line 1, in 
  File "/opt/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 118, in check
    return fn(self, *a, **kw)
  File "", line 1, in 
  File "/opt/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 167, in validate_ip
    return fn(self, *a, **kw)
  File "", line 1, in 
  File "/opt/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 246, in preform_sso_check
    update_session_user(sessionKey, remote_user)
  File "/opt/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 189, in update_session_user
    en = splunk.entity.getEntity('authentication/users', user, sessionKey=sessionKey)
  File "/opt/splunk/lib/python2.7/site-packages/splunk/entity.py", line 249, in getEntity
    serverResponse, serverContent = rest.simpleRequest(uri, getargs=kwargs, sessionKey=sessionKey, raiseAllErrors=True)
  File "/opt/splunk/lib/python2.7/site-packages/splunk/rest/__init__.py", line 510, in simpleRequest
    raise splunk.AuthenticationFailed
AuthenticationFailed: [HTTP 401] Client is not authenticated

Are there other logs to check?

0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...