- Apps and Add-ons
- :
- All Apps and Add-ons
- :
- How do I correct a license violation?
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How do I correct a license violation?
Correct by midnight to avoid violation
This pool is over poolsz=524288000 bytes, please correct before midnight auto_generated_pool_download-trial
download-trial
pool_over_quota
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Reduce your throughput. Essentially it means you have indexed more than your licence allows in the last day. You cannot correct a violation that has already happened. You can only wait for it to expire. You are using a 500MB/day trial licence.
On an enterprise licence you if you exceed your daily throughput 5 times in any 30 day window (3 times on a free licence) your search facilities will be suspended until the first instance has expired from the window. If push comes to shove and some anomaly pushes you out of your licence capacity temporarily, Splunk can issue a reset licence.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If you are pumping in historical data, then yes it is very easy to blow your licence, because it attaches to the day of indexing, not the timestamp of the record. As for correction, it means correct the problem causing you to exceed. You can't do anything to correct a day already over, other than request a reset licence. BUT, if you know you are going to blow your cap for a day, you may as well make the most of it. If you are pumping in historic data, try to get it all through in a day. Either that or throttle back, because after the fifth day you will be locked out of the UI.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I just started with Splunk I am indexing historical data for the first time. I have messed up a few times and had to uninstall and reinstall.
I am still setting up my forwarders: two IIS folder locations and 1 SQL table with 4 columns nothing special.
It said I had to correct the violation and I am curious on how to do that. I am also curious as if my search is disabled or if my new forwarder I not working.
How do I know if the forwarder is broke or search is disabled?
- I am on day 2 of using Splunk and like most problems in IT it boils down to licensing. *
Announcing Scheduled Export GA for Dashboard Studio
Extending Observability Content to Splunk Cloud
More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!
