Deployment Architecture

How do I run diagnostic tools without root access?

jason0
Path Finder

Hello, 

I have splunk starting up with systemd, and running as user splunk.    I went to run the performance tasks on my indexers.  Each of them failed.  under triggered collectors, it reads the collector stack trace failed.

I logged into the system in question, and looked at the splunk_rapid_diag.log file.  

tools_collector ERROR 139880958523200 - Error occurred for collector tcpdump while running `/usr/sbin/tcpdump -i any -w /tmp/tmpbkxib485/tcpdump_All_All.pcap`
Process finished with code=1

how do I run diagnostic tools without root access?

 

I expect this would affect any collectors using strace as well.

 

--jason

 

 

 

Labels (1)
0 Karma
Get Updates on the Splunk Community!

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud  In today’s fast-paced digital ...

Observability protocols to know about

Observability protocols define the specifications or formats for collecting, encoding, transporting, and ...

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...