- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Installed the Add-on as per eStreamereNcoreOperationsGuide_30.pdf operations guide ( Thanks doughlas for the details). when there is no data received from the sourcefire, we still see the error message "msg="A script exited abnormally" input="./bin/splencore.sh clean" stanza="default" status="exited with code 1". would this go when the data is received or is this an issue?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, we had our install in a diff dir from '/opt', so had to update splencore.sh SPLUNK_HOME env variable and datfilespath as per our install directory. Then updated clean() function to check for a dir/files (datafilespath) before deleting the log files, as when there are no log/data files, the clean runs and fails.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
BTW, 3.5.4 is now the latest version. Bug fixes and huge performance improvements for multi-core installations. New docs too.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, we had our install in a diff dir from '/opt', so had to update splencore.sh SPLUNK_HOME env variable and datfilespath as per our install directory. Then updated clean() function to check for a dir/files (datafilespath) before deleting the log files, as when there are no log/data files, the clean runs and fails.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
did you get this resolved?
