Index servers TcpInputProc error messages

fuster_j · ‎06-19-2012

I have 2 index servers that is LB and listening to port 9997. Both are getting a lot of this message in splunkd.log:

06-19-2012 10:23:59.920 ERROR TcpInputProc - Error encountered for connection from src=:. Timeout

Is it because the port 9997 is saturated? Do I need more index server to fix the issue? How do I debug it? Or, how can I determine if NIC TCP 9997 is saturated without installing 3rd party tool?

athorat3 · ‎04-08-2015

Getting a similiar error : default group property contains invalid group name

Any Luck with you guys?

ppriyanjith · ‎12-23-2012

I am also having the same setup(two indexes) and my listening port is 51099 and facing same issue. futher I can see below error message as well in forwader log

12-22-2012 22:54:53.703 +0000 INFO TcpOutputProc - tcpout group splunk_recieving_nodes using Auto load balanced forwarding
12-22-2012 22:54:53.703 +0000 INFO TcpOutputProc - Group splunk_recieving_nodes initialized with maxQueueSize=512000 in bytes.
12-22-2012 22:54:53.703 +0000 ERROR TcpOutputProc - the 'defaultGroup' property contains an invalid group name - splunk_recieving_nodes - skipping
12-22-2012 22:54:53.703 +0000 WARN TcpOutputProc - Default groupList has not yet been calculated!

can anyone help to resolve this issue

Index servers TcpInputProc error messages

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!