Deployment Architecture
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Search head cluster member does not come up after exec restart cmd from master

immortalraghava
Path Finder
‎11-07-2017 09:51 PM

Hi,

I have a three search head SHC.

I see that one SHC member going for restart but never comes back up. This is the log line.

INFO SHCSlave - event=SHPSlave::handleHeartbeatDone master has instructed peer to restart

SHC has three members with Dynamic captain.

What could be going wrong.

Please help.

0 Karma
Reply

lycollicott
Motivator
‎11-09-2017 09:07 AM

So many things could be going wrong...so very many.

What happens when you logon to that search head and just do splunk start?

0 Karma
Reply

p_gurav
Champion
‎11-08-2017 03:23 AM

Hi immortalraghavan,
Can you please tell me output of "/splunk show shcluster-status" command?

0 Karma
Reply

mayurr98
Super Champion
‎11-08-2017 03:17 AM

http://answers.splunk.com/answers/82275/why-is-my-windows-cluster-peer-node-continually-restarting

Essentially, directory permissions on /slave-apps/ on the search peer had been lost (why?) and directory was set to read only. As per the link above, resetting the permissions allowed the Cluster Master to once again populate the directory with the required apps.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk App for Anomaly Detection End of Life Announcment

Q: What is happening to the Splunk App for Anomaly Detection?A: Splunk is officially announcing the ...

Aligning Observability Costs with Business Value: Practical Strategies

 Join us for an engaging Tech Talk on Aligning Observability Costs with Business Value: Practical ...

Mastering Data Pipelines: Unlocking Value with Splunk

 In today's AI-driven world, organizations must balance the challenges of managing the explosion of data with ...