- Splunk Answers
- :
- Splunk Administration
- :
- Getting Data In
- :
- Re: Encounter errors when installing Splunk forwar...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I have to reinstall Splunk on a different drive(from C:\ to D:) on our Windows 2003 domain controller.
When I tried to install again I've encountered these errors:
1)
Splunk installer was unable to enable Windows App
Splunk exicode = '2'
I closed it,it continues and encountered the 2nd error:
2)
Splunk installer was unable to start Splunk services
Please make sure you have provided the correct username and/or password,and the user you are trying to run Splunk as has the correct privileges. Exicode='1'
I've checked sevices.msc and splunkd and splunkweb are listed, but unable to start.
I have tried to install using the domain administrator account,and a user account that was given administrator privileges but both unsuccessful.
Now even when I tried to uninstall Splunk,splunkd and splunkweb doesn't get removed from services.msc, even after a reboot of the server.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Am not sure what went wrong here. But I've tested and started using WMI alternative to pull events from this server instead.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am encountering the same issue with 4.3.2 I have tried a lot of different things (checked alternate machines, tried 4.3.1 etc) all running with admin rights. Can someone please post the remedy.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
thanks u so much !!!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
SO do this:
1) Start > Run > services.msc 2) Find Splunkd 3) Right Click properties 4) Go to Log-on Tab 5) Re-fill in the: This Account Information 6) Click Apply 7) Click Ok 8) Start the 2 splunk services after allowing log-on services.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Having the same issue. I even logged into the server with the newly created splunk service account with Domain Admin priv and still have this message. Exitcode = 4
Any remedies?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Am not sure what went wrong here. But I've tested and started using WMI alternative to pull events from this server instead.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Splunk does not require a reboot to uninstall if Im not wrong.I simply uninstall the previous version of Splunk at C:\, before I attempt to install it again on D:\
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Did you uninstall Splunk cleanly before attempting to install again?
Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!
They're back! Join the SplunkTrust and MVP at .conf24
Enterprise Security Content Update (ESCU) | New Releases
