- Find Answers
- :
- Using Splunk
- :
- Other Using Splunk
- :
- Alerting
- :
- Re: How to resolve error "Upload failed with ERROR...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How to resolve error "Upload failed with ERROR : Read Timeout for the log file" when uploading a generated alert log to Splunk?
Hi,
I tried to upload the generated alert to Splunk with the function "Upload File" After few mins, it shows "Upload failed with ERROR : Read Timeout for the log file".
It could related with the format of generated alert. But I don't know what is issue with alert log, which is in own format.
The error message is pretty general for ""Upload failed with ERROR : Read Timeout for the log file" " How can I know the exact issue and change the file?
Thank you!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
1. Browse to the location of "server.conf" file assuming you've installed Splunk in /opt/splunk and edit it: $ sudo nano /opt/splunk/etc/system/local/server.conf
2. From the "server.conf" file, go to the bottom of the screen and in a new line, press Enter and then add:
[diskUsage]
minFreeSpace = 10
3. Save the "server.conf" file
4. Restart Splunk Service: $ sudo /opt/splunk/bin/splunk stop
5. Upload the file.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If you are talking about the Fundamentals 1 training, I resolved the issue by editing $SPLUNK_HOME/etc/system/local/server/conf
and adding
[diskUsage]
minFreeSpace = 10
description for this stanza and what it does is in http://docs.splunk.com/Documentation/Splunk/latest/Admin/Serverconf
,
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I got the same error "Upload failed with ERROR : Read Timeout". Please help
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
1. Browse to the location of "server.conf" file assuming you've installed Splunk in /opt/splunk and edit it: $ sudo nano /opt/splunk/etc/system/local/server.conf
2. From the "server.conf" file, go to the bottom of the screen and in a new line, press Enter and then add:
[diskUsage]
minFreeSpace = 10
3. Save the "server.conf" file
4. Restart Splunk Service: $ sudo /opt/splunk/bin/splunk stop
5. Upload the file.
Splunk Enterprise Security 8.0.2 Availability: On cloud and On-premise!
Logs to Metrics
Developer Spotlight with Paul Stout
