- Splunk Answers
- :
- Using Splunk
- :
- Dashboards & Visualizations
- :
- Failed to fetch data: Admin handler 'win-perfmon-f...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Failed to fetch data: Admin handler 'win-perfmon-find-collection' not found.
I've managed to build my first graph and dashboard, which is supposed to monitor the free disk space of a remote host.
The remote host is a Windows OS while Splunk Enterprise is installed on a Unix system.
When I create an indexer with some parameters to pull '% Free Space' from the Universal Forwarder (the remote host I want to monitor), I almost immediately receive data from it. I set polling interval to 60s
I create a Search and build a line chart from it which is now displayed on my dashboard.
However, it seems that no data is added anymore. Executing a search is not showing any new events, even though the interval should be 60s.
Using Splunk Web, I go to 'Data inputs' > 'Local performance monitoring' > Select the input I just created
I see the following errors: Failed to fetch data: Admin handler 'win-perfmon-find-collection' not found.
This error is displayed for 'Available objects', 'Counters', 'Instances'
I'm suspecting that this error is the cause that my graph is not being updated.
- How can I resolve this error?
- How can I resolve the issue with my graph?
Know that I didn't add additional lines in any config file.
Let me know if more information is needed.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am experiencing the same issue. We have Splunk 7.1 on Linux and I am trying to monitor Windows infrastructure. I've deployed the Splunk app for Windows Infrastructure + all the related add-ons and when I go to "Settings" -> "Data Inputs" -> "Forwarded Inputs" -> "Windows Performance Monitoring" I am presented with a screen that says "Local Performance Monitoring". That is strange?!
Also, when I try to dig further down from there, e.g. I click on the "Processor" input I receive the above mentioned error message "Failed to fetch data: Admin handler 'win-perfmon-find-collection' not found." all over the screen.
Should I ignore this message, or there's an issue with my configuration? All the forwarders are installed on Windows desktops and servers with Local System account.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I found an answer to my second question.
I added the following config to the 'inputs.conf' file on the Universal Forwarder
[perfmon://match the name in splunk web - data input]
disabled = 0
counters = % Free Space
instances = *
interval = 60
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I installed Splunk Universal Forwarder as 'Local User'
Announcing Scheduled Export GA for Dashboard Studio
Extending Observability Content to Splunk Cloud
More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!
