Solved: Disable loading of splunk-regmon

Derek · ‎06-29-2010

Hi,

How can I stop the loading of splunk-regmon?

I'm getting these errors:

ERROR ExecProcessor - message from ""C:\Program Files\Splunk\bin\splunk-regmon.exe" --driver-path "C:\Program Files\Splunk\bin"" splunk-regmon - GetDriverHandle: Unable to install driver.

ERROR ExecProcessor - message from ""C:\Program Files\Splunk\bin\splunk-regmon.exe" --driver-path "C:\Program Files\Splunk\bin"" splunk-regmon - run_regmon: Failed to initialize Registry Monitor

I've tried to troubleshoot Antivirus etc but with no luck.

Thanks!

Genti · ‎06-29-2010

Derek,

If i remember correctly this is a bug that Splunk developers are working on. If memory serves right, this does not interfere with your daily splunk usage and performance and you should not worry about it

.gz

View solution in original post

Genti · ‎06-29-2010

Derek,

If i remember correctly this is a bug that Splunk developers are working on. If memory serves right, this does not interfere with your daily splunk usage and performance and you should not worry about it

.gz

Derek · ‎06-30-2010

If you don't have access to Splunk Web then in inputs.conf (etc/system/local) add:

[script://$SPLUNK_HOME\bin\scripts\splunk-regmon.path]
disabled = 1

Genti · ‎06-29-2010

btw, you can still disable that if you would like to.
Just go to: manager > data inputs > script and disable the "splunk-regmon.path"
This way at least you wont be bothered by those msg's

Derek · ‎06-29-2010

Thanks for the info. I've only noticed this happen on one machine out of many so far. Is this a bug in 4.1.x?

Disable loading of splunk-regmon

Join Us for Splunk University and Get Your Bootcamp Game On!

.conf24 | Learning Tracks for Security, Observability, Platform, and Developers!

Announcing Scheduled Export GA for Dashboard Studio