Deployment Architecture

Error starting splunk forwarder in linux machine

sumanth_isac
Path Finder

/splunkforwarder/bin/splunk start

Splunk> Be an IT superhero. Go home early.

Checking prerequisites...
Checking mgmt port [8089]: open

Message from syslogd@domU-12-31-39-09-1A-F4 at Mar 18 06:19:07 ...
kernel:[244050.110672] alignment check: 0000 [#18] SMP

Message from syslogd@domU-12-31-39-09-1A-F4 at Mar 18 06:19:07 ...
kernel:[244050.110806] Stack:

Message from syslogd@domU-12-31-39-09-1A-F4 at Mar 18 06:19:07 ...
kernel:[244050.110835] Call Trace:

Message from syslogd@domU-12-31-39-09-1A-F4 at Mar 18 06:19:07 ...
kernel:[244050.110950] Code: 03 00 00 48 b8 fb 0f 00 00 00 c0 ff ff 48 21 f8 48 83 f8 63 0f 85 25 03 00 00 48 8b 7d 98 4d 89 f7 4d 89 ee 48 8b 3f 48 89 7d b8 <48> c7 45 c4 00 00 00 00 c7 45 cc 00 00 00 00 49 8b 3f ff 14 25

Message from syslogd@domU-12-31-39-09-1A-F4 at Mar 18 06:20:46 ...
kernel:[244149.392331] alignment check: 0000 [#19] SMP

Tags (1)
0 Karma

gajananh999
Contributor

Dear Stefano,

I have reinstalled it but this is not the proper solution right if i do mistake in configuring then everything will go right. Any other method to resolve this problem. Or is the problem because we are using the amazon ec2

0 Karma

stefano_guidoba
Communicator

Errors like yours point to a wrong configuration of your Splunk instance.
Try, like the other user, to reinstall it and change one configuration file at a time to see what's causing this mess.

Regards,
Stefano

0 Karma

gajananh999
Contributor

Dear All

Whenever i am trying to start a splunk i am getting this error

/opt/splunk/bin/splunk start

Splunk> 4TW

Checking prerequisites...
Checking http port [8000]: open
Checking mgmt port [8089]: open
Checking configuration... Done.
Checking indexes...
Validated databases: _audit _blocksignature _internal _thefishbu cket history main summary
Done

Message from syslogd@domU-12-31-39-09-1A-F4 at Mar 25 10:27:59 ...
kernel:[863781.863528] alignment check: 0000 [#40] SMP

Message from syslogd@domU-12-31-39-09-1A-F4 at Mar 25 10:27:59 ...
kernel:[863781.863662] Stack:

Message from syslogd@domU-12-31-39-09-1A-F4 at Mar 25 10:27:59 ...
kernel:[863781.863690] Call Trace:

Message from syslogd@domU-12-31-39-09-1A-F4 at Mar 25 10:27:59 ...
kernel:[863781.863792] Code: 03 00 00 48 b8 fb 0f 00 00 00 c0 ff ff 48 21 f8 48 83 f8 63 0f 85 25 03 00 00 48 8b 7d 98 4d 89 f7 4d 89 ee 48 8b 3f 48 89 7d b8 < 48> c7 45 c4 00 00 00 00 c7 45 cc 00 00 00 00 49 8b 3f ff 14 25

0 Karma

sumanth_isac
Path Finder

Yes i reinstalled and it worked properly. Still the reason for problem is Dark.

0 Karma

stefano_guidoba
Communicator

have you messed up with Splunk configuration files?
This error message is not very explanatory.

Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...