After upgrading to the latest Splunk Enterprise version, I'm getting this error:
https://image.ibb.co/mbpbuQ/1.jpg
btool check --debug:
No spec file for: /opt/splunk/etc/apps/FileServ/default/fileserv.conf
Improper stanza [dhcpd_server_dhcprelease] in /opt/splunk/etc/apps/unix/default/tags.conf, line 30
Invalid key in stanza [email] in /opt/splunk/etc/system/local/alert_actions.conf, line 5: reportServerEnabled (value: 1).
Did you mean 'reportCIDFontList'?
Did you mean 'reportFileName'?
Did you mean 'reportIncludeSplunkLogo'?
Did you mean 'reportPaperOrientation'?
Did you mean 'reportPaperSize'?
Invalid key in stanza [email] in /opt/splunk/etc/system/local/alert_actions.conf, line 6: reportServerURL (value: ).
Did you mean 'reportCIDFontList'?
Did you mean 'reportFileName'?
Did you mean 'reportIncludeSplunkLogo'?
Did you mean 'reportPaperOrientation'?
Did you mean 'reportPaperSize'?
Checking: /opt/splunk/etc/system/local/authentication.conf
Checking: /opt/splunk/etc/system/local/authorize.conf
Checking: /opt/splunk/etc/system/local/distsearch.conf
Checking: /opt/splunk/etc/system/local/eventtypes.conf
Checking: /opt/splunk/etc/system/local/indexes.conf
Checking: /opt/splunk/etc/system/local/inputs.conf
No spec file for: /opt/splunk/etc/system/local/migration.conf
Checking: /opt/splunk/etc/system/local/props.conf
Checking: /opt/splunk/etc/system/local/server.conf
Checking: /opt/splunk/etc/system/local/serverclass.conf
No spec file for: /opt/splunk/etc/system/local/tenants.conf
Checking: /opt/splunk/etc/system/local/transforms.conf
Checking: /opt/splunk/etc/system/local/web.conf
How can I fix that?
Hey @alvaroveiga, if @mwdbhyat or @harsmarvania57 answered your question please remember to accept their answer. You can upvote posts as well. (Karma points will be awarded for either action.) Happy Splunking!
While looking at the error, it looks like the reportServerEnabled and reportServerURL parameters in your alert_actions.conf are not supported in Splunk 6.6.3. Please refer to http://docs.splunk.com/Documentation/Splunk/6.6.3/Admin/alertactionsconf
So please remove those 2 parameters from the alert_actions.conf configuration file and try to start Splunk again.
Thanks,
Harshil
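Added example (not part of the original answer and not Splunk's own tooling): a small Python parser for `splunk btool check --debug` output, using the line formats visible in the output posted in the question, that groups "Invalid key" and "Improper stanza" findings by file so the lines to remove can be located. The function names and the local/default remediation hint are assumptions made for this illustration.

```python
import re
from collections import defaultdict

# Lines copied from the btool output posted in the question (trimmed).
SAMPLE = """\
No spec file for: /opt/splunk/etc/apps/FileServ/default/fileserv.conf
Improper stanza [dhcpd_server_dhcprelease] in /opt/splunk/etc/apps/unix/default/tags.conf, line 30
Invalid key in stanza [email] in /opt/splunk/etc/system/local/alert_actions.conf, line 5: reportServerEnabled (value: 1).
Did you mean 'reportFileName'?
Invalid key in stanza [email] in /opt/splunk/etc/system/local/alert_actions.conf, line 6: reportServerURL (value: ).
Checking: /opt/splunk/etc/system/local/web.conf
"""

PATTERNS = [
    ("invalid_key", re.compile(
        r"^Invalid key in stanza \[(?P<stanza>[^\]]+)\] in (?P<path>\S+), "
        r"line (?P<line>\d+): (?P<key>\S+)\s+\(value: .*\)\.$")),
    ("improper_stanza", re.compile(
        r"^Improper stanza \[(?P<stanza>[^\]]+)\] in (?P<path>\S+), "
        r"line (?P<line>\d+)$")),
]

def parse_btool_check(text):
    """Group findings by file: {path: [(kind, line_no, stanza, key_or_None)]}."""
    findings = defaultdict(list)
    for raw in text.splitlines():
        for kind, rx in PATTERNS:
            m = rx.match(raw.strip())
            if m:
                key = m.groupdict().get("key")  # None for improper stanzas
                findings[m["path"]].append((kind, int(m["line"]), m["stanza"], key))
                break
    return dict(findings)

def where_to_fix(path):
    """Assumed convention: local/ is admin-owned, default/ ships with the app."""
    if "/local/" in path:
        return "edit this file"
    if "/default/" in path:
        return "upgrade or replace the app"
    return "review manually"

if __name__ == "__main__":
    for path, items in parse_btool_check(SAMPLE).items():
        print(path, "->", where_to_fix(path))
        for kind, line_no, stanza, key in items:
            print(f"  line {line_no}: {kind} [{stanza}] {key or ''}")
```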
Still same problem.
bin]# ./splunk start
Splunk> The Notorious B.I.G. D.A.T.A.
Checking prerequisites...
Checking http port [10.244.161.7:8000]: open
Checking mgmt port [10.244.161.7:8089]: open
Checking appserver port [127.0.0.1:8065]: open
Checking kvstore port [10.244.161.7:8191]: open
Checking configuration... Done.
Checking critical directories... Done
Checking indexes...
Validated: _audit _internal _introspection _telemetry _thefishbucket checkfwd eqalis_network_sample firewall history itau main mwg_audit os ossec perfmon snort_cardholder snort_servidores sos sos_summary_daily summary summary_forwarders summary_hosts summary_indexers summary_pools summary_sources summary_sourcetypes syslog tp_win_sec tp_win_servers windows wineventlog
Done
Bypassing local license checks since this instance is configured with a remote license master.
Checking filesystem compatibility... Done
Checking conf files for problems...
Improper stanza [dhcpd_server_dhcprelease] in /opt/splunk/etc/apps/unix/default/tags.conf, line 30
Your indexes and inputs configurations are not internally consistent. For more information, run 'splunk btool check --debug'
Done
Checking default conf files for edits...
Validating installed files against hashes from '/opt/splunk/splunk-6.6.3-e21ee54bc796-linux-2.6-x86_64-manifest'
All installed files intact.
Done
All preliminary checks passed.
Starting splunk server daemon (splunkd)...
Done
[ OK ]
Waiting for web server at https://10.244.161.7:8000 to be available... Done
If you get stuck, we're here to help.
Look for answers here: http://docs.splunk.com
The Splunk web interface is at https://10.244.161.7:8000
Splunk started perfectly fine, only one warning message because you are using an old version of the Splunk App for Unix and Linux. Please upgrade that; you might need to remove the old unix app because the new app folder name has been changed to splunk_app_for_nix
After I log in with my credentials I get a "500 Internal Error", doesn't matter the username.
Any error in $SPLUNK_HOME/var/log/splunk/web_service.log?
Yes
Yes.
Looks like some CherryPy session-related problem, I'll suggest opening a case with Splunk support.
Is https still being used after the upgrade? Try http - it could have reset or not be loading conf files properly. Or is this message only occurring when trying to load a certain page?
http doesn't work, only https.
The error occurs after I log in with my credentials.
I don't know what to do.
# ./splunk start
Splunk> Now with more code!
Checking prerequisites...
Checking http port [10.244.161.7:8000]: open
Checking mgmt port [10.244.161.7:8089]: open
Checking appserver port [127.0.0.1:8065]: open
Checking kvstore port [10.244.161.7:8191]: open
Checking configuration... Done.
Checking critical directories... Done
Checking indexes...
Validated: _audit _internal _introspection _telemetry _thefishbucket checkfwd eqalis_network_sample firewall history itau main mwg_audit os ossec perfmon snort_cardholder snort_servidores sos sos_summary_daily summary summary_forwarders summary_hosts summary_indexers summary_pools summary_sources summary_sourcetypes syslog tp_win_sec tp_win_servers windows wineventlog
Done
Bypassing local license checks since this instance is configured with a remote license master.
Checking filesystem compatibility... Done
Checking conf files for problems...
Improper stanza [dhcpd_server_dhcprelease] in /opt/splunk/etc/apps/unix/default/tags.conf, line 30
Invalid key in stanza [email] in /opt/splunk/etc/system/local/alert_actions.conf, line 5: reportServerEnabled (value: 1).
Invalid key in stanza [email] in /opt/splunk/etc/system/local/alert_actions.conf, line 6: reportServerURL (value: ).
Your indexes and inputs configurations are not internally consistent. For more information, run 'splunk btool check --debug'
Done
Checking default conf files for edits...
Validating installed files against hashes from '/opt/splunk/splunk-6.6.3-e21ee54bc796-linux-2.6-x86_64-manifest'
All installed files intact.
Done
All preliminary checks passed.
Starting splunk server daemon (splunkd)...
Done
[ OK ]
Waiting for web server at https://10.244.161.7:8000 to be available... Done
If you get stuck, we're here to help.
Look for answers here: http://docs.splunk.com
The Splunk web interface is at https://10.244.161.7:8000
Are other users experiencing the same problem or just you? It could be ssl related. Are you running in a distributed environment, can you log in to other servers?
I can see you have a few conf errors as well - this link should help you fix those old values for the conf files:
https://answers.splunk.com/answers/548915/after-a-successful-upgrade-from-621-to-661-we-are.html
All users on the same splunk indexer are experiencing the error, the others with older enterprise version have no problem.
What can be causing it? The server only runs splunk enterprise.