Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Ask a Question

Why is a Splunk forwarder creating a zombie process when starting via systemd?

rayrayrayray
New Member
โ€Ž02-14-2019 08:05 AM

I have installed version 7.2.4 of the Splunk Forwarder from the deb package on a x64 Ubuntu 18.04.1 LTS system. After the install, I used this command to generate the systemd unit file.

/opt/splunkforwarder/bin/splunk enable boot-start -user splunk --accept-license --no-prompt --answer-yes

The service starts and runs without any issue, but I'm always left with a zombie process on my system. If I stop the SplunkForwarder service, it goes away, and comes back when it's started again.

*USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
splunk 29920 0.0 0.0 0 0 ? Z 10:55 0:00 [systemctl] *

Does anyone know a way to get rid of this?

0 Karma
Reply

rayrayrayray
New Member
โ€Ž05-20-2019 08:09 AM

I've upgraded to 7.2.6 and it looks like the issue is resolved.

0 Karma
Reply

sreechallagundl
New Member
โ€Ž05-20-2019 08:35 AM

thanks ray... but why its coming, i didn't see any documentation from splunk GCS team, seems they even didn't bother about it...

0 Karma
Reply

ptcrusher
New Member
โ€Ž05-20-2019 02:34 AM

Were you able to sort it out? I'm facing the exact same issue

Thanks in advance

0 Karma
Reply