Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Encounter errors when installing Splunk forwarder on Windows 2003 DC

remy06
Contributor
‎10-08-2010 04:22 AM

Hi,

I have to reinstall Splunk on a different drive(from C:\ to D:) on our Windows 2003 domain controller.

When I tried to install again I've encountered these errors:
1)
Splunk installer was unable to enable Windows App
Splunk exicode = '2'

I closed it,it continues and encountered the 2nd error:
2)
Splunk installer was unable to start Splunk services
Please make sure you have provided the correct username and/or password,and the user you are trying to run Splunk as has the correct privileges. Exicode='1'

I've checked sevices.msc and splunkd and splunkweb are listed, but unable to start.

I have tried to install using the domain administrator account,and a user account that was given administrator privileges but both unsuccessful.

Now even when I tried to uninstall Splunk,splunkd and splunkweb doesn't get removed from services.msc, even after a reboot of the server.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

remy06
Contributor
‎10-21-2010 04:04 AM

Am not sure what went wrong here. But I've tested and started using WMI alternative to pull events from this server instead.

View solution in original post

0 Karma
Reply
Solved! Jump to solution

amN0P
Explorer
‎06-15-2012 02:34 PM

I am encountering the same issue with 4.3.2 I have tried a lot of different things (checked alternate machines, tried 4.3.1 etc) all running with admin rights. Can someone please post the remedy.

0 Karma
Reply
Solved! Jump to solution

ngoctuanqn
New Member
‎03-25-2011 03:24 AM

thanks u so much !!!

0 Karma
Reply
Solved! Jump to solution

jlford30
Explorer
‎02-03-2011 07:59 PM

SO do this:

1) Start > Run > services.msc 2) Find Splunkd 3) Right Click properties 4) Go to Log-on Tab 5) Re-fill in the: This Account Information 6) Click Apply 7) Click Ok 8) Start the 2 splunk services after allowing log-on services.

Reply
Solved! Jump to solution

jlford30
Explorer
‎02-03-2011 07:42 PM

Having the same issue. I even logged into the server with the newly created splunk service account with Domain Admin priv and still have this message. Exitcode = 4

Any remedies?

0 Karma
Reply
Solved! Jump to solution
Solution

remy06
Contributor
‎10-21-2010 04:04 AM

Am not sure what went wrong here. But I've tested and started using WMI alternative to pull events from this server instead.

0 Karma
Reply
Solved! Jump to solution

remy06
Contributor
‎10-11-2010 01:55 AM

Splunk does not require a reboot to uninstall if Im not wrong.I simply uninstall the previous version of Splunk at C:\, before I attempt to install it again on D:\

0 Karma
Reply
Solved! Jump to solution

ftk
Motivator
‎10-08-2010 01:11 PM

Did you uninstall Splunk cleanly before attempting to install again?

0 Karma
Reply
Get Updates on the Splunk Community!

Join Us for Splunk University and Get Your Bootcamp Game On!

If you know, you know! Splunk University is the vibe this summer so register today for bootcamps galore ...

.conf24 | Learning Tracks for Security, Observability, Platform, and Developers!

.conf24 is taking place at The Venetian in Las Vegas from June 11 - 14. Continue reading to learn about the ...

Announcing Scheduled Export GA for Dashboard Studio

We're excited to announce the general availability of Scheduled Export for Dashboard Studio. Starting in ...