All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Cisco Secure eStreamer Client Add-On for Splunk - The python app stops working after a few days...

WPB
New Member
‎04-13-2023 02:19 PM

Our deployment of the Cisco eStreamer Add-on , installed on a Heavy Forwarder appears to be working properly in general.

However after a few days collecting data and sending it to Splunk in the cloud, the splencore Python application stops working, even though all processes are still showing as "running".

At that point, data stops flowing into the indexers and nothing shows up in the search heads.

As soon as we restart the eStreamer client using the following command, everything starts working again.

/opt/splunk/etc/apps/TA-eStreamer/bin/splencore.sh restart

Has anybody else experienced similar issues with the eStreamer Add-on?

Labels (1)
Labels
0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...

SplunkTrust Application Period is Officially OPEN!

It's that time, folks! The application/nomination period for the 2026-2027 SplunkTrust is officially open. If ...

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...