Deployment Architecture
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

unable start forwarder

st88
Loves-to-Learn
‎05-27-2021 03:10 PM

i can't start forwarder i take this error:

Starting splunk server daemon (splunkd)...
SplunkForwarder: Unable to start the service: Access is denied.

0 Karma
Reply

SamHTexas
Builder
‎06-07-2021 01:52 PM

Not sure if the management port you have listed above 9089 is correct. I have used 8089 for the longest time.

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎05-27-2021 05:21 PM

Verify the files are owned by the right user. Confirm you are starting Splunk as that user.

For more suggestions, tell us more about the problem.  Is this a fresh installation?  Has it ever worked?  What platform?  How was the forwarder installed?  How are you trying to start it?

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply

st88
Loves-to-Learn
‎05-28-2021 12:32 AM

How can i verify the files are owned by the right user and start splunk from this user?

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎05-28-2021 07:12 AM

Yeah, that was more of a Linux answer than a Windows answer.  Sorry about that.

I wonder if maybe the virtualization is causing the problem.  Have you tried installing the forwarder directly on the host system?  Why not use a Linux VM?

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply

st88
Loves-to-Learn
‎05-28-2021 12:25 AM

Yes it is first installation on windows virtual box on windows host, also it has never worked. I installed from gui installer and i am truing to start by splunk start or splunk restart on command line and i get the following:

 

Checking prerequisites...
        Checking mgmt port [9089]: open
        Checking conf files for problems...
        Done
        Checking default conf files for edits...
        Validating installed files against hashes from 'C:\Program Files\SplunkUniversalForwarder\splunkforwarder-8.2.0-e053ef3c985f-windows-64-manifest'
        All installed files intact.
        Done
All preliminary checks passed.

Starting splunk server daemon (splunkd)...
SplunkForwarder: Unable to start the service: Access is denied.
 
 
 
 
0 Karma
Reply

splnkuserav
Observer
‎06-19-2021 02:00 PM

I am seeing same error.  Did this ever get resolved?

Thanks!

0 Karma
Reply
Get Updates on the Splunk Community!

Data Management Digest – December 2025

Welcome to the December edition of Data Management Digest! As we continue our journey of data innovation, the ...

Index This | What is broken 80% of the time by February?

December 2025 Edition   Hayyy Splunk Education Enthusiasts and the Eternally Curious!    We’re back with this ...

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Hello Splunk Community,   We're thrilled to share an exciting update that will help you manage your data more ...