Deployment Architecture
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Repeated calls to Splunk list command on deployment server causes Splunk to crash

francis_larkin
New Member
‎06-27-2013 07:07 AM

I am writing a python based script to monitor splunk via the command line interface. Using cron we call a bash script that call the CLI from bash and write the output to flat files. The python script then is called to read these files, munge them, and create a status file that I make decisions with.

Originally we were calling the cli command using python subprocess but decided to move that outside python and do it in bash. This helped a little but eventually splunk crashed taking the analytics with it.

We are using splunk supplied by our vendor. Our current version is Splunk 4.3.4 (build 136012)

Any help is greatly appreciated....

0 Karma
Reply

francis_larkin
New Member
‎07-03-2013 06:22 AM

Problem solved...
I am working with a vendor that provides Splunk as part of their package. This is both good and bad. In the script I developed to monotier and report, I was writing one of my files to a folder that the vendor's software monitored. Whenever I updated that file (once a minute) then vendor's software kicked off a re-deployment on the deployment server. Since I was doing this every minute it eventually caused splunnd to throw up on my job scheduler and anaytics. Not writing to the folder fixed this issue. I am now using the REST interface to gather deploy-clinent, and search-server information one a minute without error.

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey

Can’t make it to .conf25? Join us online!

Watch Global Broadcast
Get Updates on the Splunk Community!

Take Action Automatically on Splunk Alerts with Red Hat Ansible Automation Platform

 Are you ready to revolutionize your IT operations? As digital transformation accelerates, the demand for ...

Calling All Security Pros: Ready to Race Through Boston?

Hey Splunkers, .conf25 is heading to Boston and we’re kicking things off with something bold, competitive, and ...

Beyond Detection: How Splunk and Cisco Integrated Security Platforms Transform ...

Financial services organizations face an impossible equation: maintain 99.9% uptime for mission-critical ...