Since adding enterprise license Splunk periodically crashes with the following information from the kernel log:
Jul 19 08:10:34 syslog-xgm kernel: [1554243.968186] splunkd[27276] general protection ip:12b91d2 sp:7fa156bf99f0 error:0 in splunkd[400000+1490000]
Jul 19 08:20:13 syslog-xgm kernel: [1554823.146973] splunkd[28153] general protection ip:12b91d2 sp:7fa1573f99f0 error:0 in splunkd[400000+1490000]
Jul 19 08:30:51 syslog-xgm kernel: [1555461.358322] splunkd[29506] general protection ip:12b91d2 sp:7fa1573f99f0 error:0 in splunkd[400000+1490000]
Splunk seems work correctly, i'm using:
Description: Ubuntu 10.04.3 LTS
Release: 10.04
2.6.32-34-server x86_64
gcc:
Installed: 4:4.4.3-1ubuntu1
Candidate: 4:4.4.3-1ubuntu1
gcc
gcc-4.4
gcc-4.4-base
libgcc1
some advice to avoid/solve this alert?
Regards
Hi,
Do you have SOS and Splunk Unix app installed in your indexer ?
Unlike license, I guess it might be due to excessive utilization of system RAM / CPU resources when splunkd crashes. These two apps might help you in identifying the state of Splunk when the issue occurs.
Regards,
Amit Saxena
Hi,
Do you have SOS and Splunk Unix app installed in your indexer ?
Unlike license, I guess it might be due to excessive utilization of system RAM / CPU resources when splunkd crashes. These two apps might help you in identifying the state of Splunk when the issue occurs.
Regards,
Amit Saxena