Hi,
I installed splunk on Ubuntu 12.04 64-bit in GoGrid.
I have 8 clusters (1 master, 1 search node, 3 indexers, 3 forwarders). Installation completed successfully. But when I executed the command "ADD monitor \var\log" command in any of the indexer or in forwarder, to monitor \var\log directory, then splunkd stops running in that particular indexer or forwarder. Again when I remove monitor, everything works fine. Could you please let me know what may be the issue. I tried deleting all the clusters and created them once again and installed splunk. But I am facing the same problem again. Please let me know what I need to do know. Thanks for your help.
... View more