Building for the Splunk Platform
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Splunk Installer was unable to create Splunk services

lexluthor
Explorer
‎05-01-2012 09:10 AM

I installed Splunk for the first time, and I decided to move the install to another drive.

I uninstalled Splunk and restarted and got this error:

"Splunk Installer was unable to create
Splunk services. Please make sure the
user running the installer has the
correct privileges, including being
able to create Windows Services.
Exitcode='1'"

I checked for the services in services.msc; there was nothing there. I tried sc delete , just in case. I cleaned the registry. I searched the registry for anything splunk related and found nothing. I looked in msconfig for anything related.

As far as I know, Windows 7
does not allow me to run .msi packages
as admin by right-clicking, and going
into properties.

I ran the .msi package as admin using cmd. I read the logs and there's a python error in the log regarding ssl certificates: %LocalAppData%\Temp\Splunk-108.3.26786.log

> if
> normalizeBoolean(serverconf['sslConfig'].get('requireClientCert')):
> KeyError: 'sslConfig'
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

lexluthor
Explorer
‎05-01-2012 02:26 PM

I hate to speculate but perhaps it's only nagging because I installed it on C:\ first, where it infused its SSL certificates, and then tried to install it on another drive where those certificates were unavailable--on my Z: drive. Anyway, at least for me, the problem stems from the program insisting on being installed on the C:\ drive. It installed fine when I finally tried to just re-install it on C:.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

lexluthor
Explorer
‎05-01-2012 02:26 PM

I hate to speculate but perhaps it's only nagging because I installed it on C:\ first, where it infused its SSL certificates, and then tried to install it on another drive where those certificates were unavailable--on my Z: drive. Anyway, at least for me, the problem stems from the program insisting on being installed on the C:\ drive. It installed fine when I finally tried to just re-install it on C:.

0 Karma
Reply
Solved! Jump to solution

yannK
Splunk Employee
Splunk Employee
‎05-01-2012 11:20 AM

it smells like a permission issue.
On windows, you can run a cmd window as admin by editing the cmd shortcut options.
see http://www.howtogeek.com/howto/windows-vista/run-a-command-as-administrator-from-the-windows-vista-r...

Once done :

  • using the cmd line try to recreate the service using
    splunk disable boot-start
    splunk enable boot-start
    then check in the services to verify

  • or uninstall / clean the folders / then reinstall using the admin cmd line.

Reply
Solved! Jump to solution

lexluthor
Explorer
‎05-01-2012 02:29 PM

I agree with "permission issue," but not necessarily in the "Windows" sense of the word. I think the permission issues are within the program itself.

0 Karma
Reply
Solved! Jump to solution

lexluthor
Explorer
‎05-01-2012 02:16 PM

I explained above that I ran the program with admin credentials via cmd. I would be unable to use any splunk command as the application was not installed. I already did everything else you said as I stated above. 🙂 But thanks for the help.

0 Karma
Reply
Get Updates on the Splunk Community!

There's No Place Like Chrome and the Splunk Platform

Watch On DemandMalware. Risky Extensions. Data Exfiltration. End-users are increasingly reliant on browsers to ...

The Great Resilience Quest: 5th Leaderboard Update

The fifth leaderboard update for The Great Resilience Quest is out >> 🏆 Check out the ...

Devesh Logendran, Splunk, and the Singapore Cyber Conquest

At this year’s Splunk University, I had the privilege of chatting with Devesh Logendran, one of the winners in ...