Join the Conversation
- Find Answers
- :
- Apps & Add-ons
- :
- All Apps and Add-ons
- :
- All Apps and Add-ons
- :
- ADMon ldap_get_values error
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ADMon ldap_get_values error
I just updated our Splunk Universal Forwarder that is running admon from 4.2.3 to 5.0.4. After the upgrade, admon is continuing to log events, but I also am getting about 12 of these errors every minute from the forwarder running admon:
09-18-2013 01:35:02.621 -0500 ERROR ExecProcessor - message from ""C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe" -index activedirectory" splunk-admon - ProcessMessage: ldap_get_values error
Since admon appears to be working, I'm not sure what the errors indicate.
As of 4/27/14, my support case on the issue is still "Waiting on Dev"...
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We are getting these errors on several servers, and have had 3 servers become unresponsive due to the problem. Here is a message from one of the servers (running Win Server 2008 64-bit):
Log Name: System
Source: Microsoft-Windows-Resource-Exhaustion-Detector
Date: 3/25/2014 11:19:56 AM
Event ID: 2004
Task Category: Resource Exhaustion Diagnosis Events
Level: Warning
Keywords: Events related to exhaustion of system commit limit (virtual memory).
User: SYSTEM
Computer: W12620.#########.###
Description:
Windows successfully diagnosed a low virtual memory condition. The following programs consumed the most virtual memory: splunk-admon.exe (564) consumed 15444475904 bytes, svchost.exe (856) consumed 276242432 bytes, and Microsoft.Dynamics.Integration.Service.exe (1512) consumed 208461824 bytes.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Still waiting on support...
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am also receiving the same errors. did anyone find any solution ?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am receiving the same errors and will continue to look for a solution.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
As of 11/12/2013, Splunk support still does not have a fix or known root cause.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am receiving the same errors after an install of a UF (5.0.4) on a DC. Did you find a solution to this? Thanks.
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Index This | What travels the world but is also stuck in place?
Discover New Use Cases: Unlock Greater Value from Your Existing Splunk Data
Continue Your Journey: Join Session 2 of the Data Management and Federation Bootcamp ...
