Installation

Why am I getting a 500 error switching to Splunk Free from the trial license (CentOS 7)?

rvencu
Path Finder

I installed the Splunk trial on CentOS 7. It worked fine for a week, then I decided to switch it to free. After the restart, I saw the update screen then error 500. Rebooting does not help...

Labels (2)
1 Solution

rvencu
Path Finder

I solved my own issue. In server.conf this line must appear like this:

allowRemoteLogin=always

View solution in original post

rvencu
Path Finder

I solved my own issue. In server.conf this line must appear like this:

allowRemoteLogin=always

kimikoyan
Explorer

I have the same issue but I can't solve it via your solution. I tried v7.1.0 and v6.5.1 and both have the issue when I update the license from download-trial to free.

My server is not allowed to connect to internet. Does it matter ?

0 Karma

atif_sdq
New Member

Thank you rvencu. Worked like a charm.

0 Karma

rvencu
Path Finder

I changed back the licence group in server.conf to download-trial and it works again as before. Still I expect when the trial expires that the free license will break the installation again.

0 Karma

renjith_nair
SplunkTrust
SplunkTrust

What's your splunk log says ?

Happy Splunking!
0 Karma

rvencu
Path Finder

web_access.log

127.0.0.1 - - [07/Jul/2016:23:18:38.570 +0300] "GET /en-US/ HTTP/1.1" 500 2977 "https://sp.dentfix.ro:8000/en-US/" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36" - 577eb91e917f2cb4842610 32ms

in web_service.log these lines keep repeating

2016-07-07 23:18:38,585 ERROR   [577eb91e917f2cb4842610] startup:96 - Unable to read in product version information; [HTTP 401] Client is not authenticated
2016-07-07 23:18:38,599 INFO    [577eb91e917f2cb4842610] _cplogging:55 - [07/Jul/2016:23:18:38] HTTP 
Request Headers:
  COOKIE: cookie_notice_accepted=true; splunkd_8000=EjhJKNKwSOoOe659UPnlnmJNyoqrEnB1LUu6bzM^Est8E77951iaGKkFkphP7xvLMfhD9Bhm_GSZzFKVi8eQO7_IL0CUj7mEb7^lsmf4D4Hhk5p1ygJxFbaa3tVhwpBZNN; splunkweb_csrf_token_8000=609924465883822080; _icl_current_language=ro; wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_7b441673ec83a47676d72ae556df3b29=rvencu%7C1468095508%7C3why7OpyGCt4EoHOyDiCgKHdJ4THWzqwR37jEEtCDTM%7C286484cd4c8f6e6d3c0c3c925f2a185dc0c48014c92cee6408ef9e4e4f2866df; sp_identify=rvencu; session_id_8000=9890eeae3f684b4e0ac683f26f0d4bf87dd0555b
  ACCEPT-ENCODING: gzip
  X-SPLUNKD: 5IHdRMq41eh52M2lCFUMrg== 609924465883822080 EjhJKNKwSOoOe659UPnlnmJNyoqrEnB1LUu6bzM^Est8E77951iaGKkFkphP7xvLMfhD9Bhm_GSZzFKVi8eQO7_IL0CUj7mEb7^lsmf4D4Hhk5p1ygJxFbaa3tVhwpBZNN 0
  ACCEPT-LANGUAGE: en-US,en;q=0.8,de;q=0.6,es;q=0.4,hu;q=0.2,ro;q=0.2
  ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
  TE: chunked
  USER-AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
  Remote-Addr: 127.0.0.1
  UPGRADE-INSECURE-REQUESTS: 1
  HOST: xxx:8000
  REFERER: https://xxx:8000/en-US/
  REMOTE-USER: admin
2016-07-07 23:18:38,599 DEBUG   [577eb91e917f2cb4842610] _cplogging:55 - [07/Jul/2016:23:18:38] HTTP Traceback (most recent call last):
  File "/opt/splunk/lib/python2.7/site-packages/cherrypy/_cprequest.py", line 606, in respond
    cherrypy.response.body = self.handler()
  File "/opt/splunk/lib/python2.7/site-packages/cherrypy/_cpdispatch.py", line 25, in __call__
    return self.callable(*self.args, **self.kwargs)
  File "", line 1, in 
  File "/opt/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 38, in rundecs
    return fn(*a, **kw)
  File "", line 1, in 
  File "/opt/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 118, in check
    return fn(self, *a, **kw)
  File "", line 1, in 
  File "/opt/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 167, in validate_ip
    return fn(self, *a, **kw)
  File "", line 1, in 
  File "/opt/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 246, in preform_sso_check
    update_session_user(sessionKey, remote_user)
  File "/opt/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 189, in update_session_user
    en = splunk.entity.getEntity('authentication/users', user, sessionKey=sessionKey)
  File "/opt/splunk/lib/python2.7/site-packages/splunk/entity.py", line 249, in getEntity
    serverResponse, serverContent = rest.simpleRequest(uri, getargs=kwargs, sessionKey=sessionKey, raiseAllErrors=True)
  File "/opt/splunk/lib/python2.7/site-packages/splunk/rest/__init__.py", line 510, in simpleRequest
    raise splunk.AuthenticationFailed
AuthenticationFailed: [HTTP 401] Client is not authenticated

Are there other logs to check?

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...