Re: splunk process compulsion stop

kobayashikenji · ‎05-24-2015

Hi

I want to kill the process of Splunk.
May be performed by specifying the "PID" with this command ?

kill -9 <PID>

There is no problem?

miteshvohra · ‎05-25-2015

You can kill all processes on 'splunkd' with

kill `ps -ef | grep splunkd | egrep -v grep | awk '{print $2}'`

But, just like @esix_splunk mentioned, make sure you restart Splunk with the correct user and that, using Splunk's native commands to Start/Stop/Restart the service is much cleaner.

Mitesh.

kobayashikenji · ‎05-25-2015

Thank you very much.
I wanted absolutely compulsion stop.
Normally, you run the answer @ esix_splunk.

kenji.

miteshvohra · ‎05-25-2015

@kobayashikenji I am bit curious to know about the purpose of force-stopping Splunk. 🙂

esix_splunk · ‎05-24-2015

This works, make sure when you restart Splunk, you are using the correct user.

But why not do '/opt/splunk/splunk stop' or 'service splunk stop'

kobayashikenji · ‎05-25-2015

If not stop at Splunk command,
Because I want to compulsion stop.
Normally, will use the "splunk stop".
Answer Thank you very much.

splunk process compulsion stop

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases

Detecting Remote Code Executions With the Splunk Threat Research Team