My splunk enterprise webserver is stuck as below and starting:
Checking http port : open
Checking mgmt port : open
Checking appserver port [127.0.0.1:8065]: open
Checking kvstore port : open
Checking configuration... Done.
Checking critical directories... Done
Validated: _audit _internal _introspection _telemetry _thefishbucket collectd history mail main secure summary unix_summary
Checking filesystem compatibility... Done
Checking conf files for problems...
Checking default conf files for edits...
Validating installed files against hashes from '/opt/splunk/splunk-7.3.0-657388c7a488-linux-2.6-x86_64-manifest'
File '/opt/splunk/etc/system/default/alert_actions.conf' changed.
File '/opt/splunk/etc/system/default/web.conf' changed.
Problems were found, please review your files and move customizations to local
All preliminary checks passed.
Starting splunk server daemon (splunkd)...
[ OK ]
Waiting for web server at https://127.0.0.1:8000 to be available...
First of all you should not be modifying the files present in $SPLUNK_HOME/etc/system/default location which is shipped by SPLUNK. If you want to modify them, please create a new .conf file in either $SPLUNK_HOME/etc/system/local or $SPLUNK_HOME/etc/apps//local directory with your setting.
Please check splunkd.log and see if you are getting any error there. It appears to me you have modified some settings in web.conf file in $SPLUNK_HOME/etc/system/default which might be causing this issue.