Deployment Architecture

upgraded to 4.2, now deployment clients fail to connect to deployment-server

tpsplunk
Communicator

On Tuesday I upgraded my deployment server, my searchhead and my 3 indexers from 4.1.6 to 4.2. I have not updated my LWFs. On my searchhead, indexers and LWF I now see the following error:

03-22-2011 16:28:50.591 WARN DeploymentClient - Unable to send phonehome message to deployment server. Error status is: rejected

The servers can connect to the deployment server listening port, so it doesn't appear to be a network issue:

[splunk@indexer01~]$ telnet search01 8090
Trying x.x.x.x...
Connected to search01 (x.x.x.x).
Escape character is '^]'.
^]

How do I fix this? Are there any debug logs I can turn on/look at to get a better idea of what exactly is failing?

1 Solution

Jason
Motivator

I have noticed that the 4.2 Forwarder license does not seem to allow Deployment Server to run:

$ ./splunk list deploy-clients
Current license does not allow the requested action
$ ./splunk reload deploy-server
Current license does not allow the requested action

On the logs of a client:

WARN DeploymentClient - Unable to send phonehome message to deployment server. Error status is: rejected

0 Karma

tpsplunk
Communicator

I forgot to update this with the solution, but Jason is right. The 4.2 forwarder license does not allow the deployment server to run. I had to add the deployment server to my 4.2 license pool and it started successfully after that.

0 Karma

tpsplunk
Communicator

Support noted that in my deployment server splunkd_access.log I have lots of lines like this: "POST /services/broker/phonehome/ HTTP/1.0" 404 200 - - - 41ms. Which means my deployment clients are trying to POST to /services/broker/phonehome/, but are getting a 404 (file not found) response. Still digging into what that means and how it's happening.

0 Karma

tpsplunk
Communicator

I also installed the 4.2 universal forwarder on a couple of hosts and they also get the same error when trying to connect to the deployment server.

0 Karma
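
The two symptoms reported in this thread, the client-side "rejected" phonehome warning and the 404 on /services/broker/phonehome/ in the deployment server's splunkd_access.log, can be correlated with a short script. This is an added example, not code from the thread or from Splunk; the function name, the sample lines' timestamps and addresses, and the access-log prefix are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Client side (splunkd.log): the warning text quoted in the thread.
REJECTED = re.compile(
    r"WARN\s+DeploymentClient - Unable to send phonehome message to "
    r"deployment server\. Error status is: (?P<status>\w+)")
# Server side (splunkd_access.log): request and HTTP status as quoted in the thread.
PHONEHOME = re.compile(
    r'"POST /services/broker/phonehome/\S* HTTP/[\d.]+" (?P<code>\d{3})\b')

def triage(client_lines, server_lines):
    """Count phonehome failures on both ends and suggest where to look next."""
    statuses, codes = Counter(), Counter()
    for line in client_lines:
        m = REJECTED.search(line)
        if m:
            statuses[m.group("status")] += 1
    for line in server_lines:
        m = PHONEHOME.search(line)
        if m:
            codes[m.group("code")] += 1
    findings = []
    if statuses["rejected"] and codes["404"]:
        # Matches this thread: requests arrive, but the endpoint is not served.
        findings.append("phonehome reaches splunkd but gets 404: check that the "
                        "deployment server is running and licensed "
                        "(./splunk list deploy-clients)")
    elif statuses and not codes:
        findings.append("clients fail but no phonehome requests were logged on "
                        "the server: check connectivity and the server address")
    return {"client_status": dict(statuses), "server_codes": dict(codes),
            "findings": findings}

# Constructed samples: message bodies follow the thread; timestamps, addresses
# and the access-log prefix are made up for illustration.
SAMPLE_CLIENT = [
    "03-22-2011 16:28:50.591 WARN DeploymentClient - Unable to send phonehome message to deployment server. Error status is: rejected",
    "03-22-2011 16:29:20.602 WARN DeploymentClient - Unable to send phonehome message to deployment server. Error status is: rejected",
    "03-22-2011 16:29:21.000 INFO ExampleComponent - unrelated line",
]
SAMPLE_SERVER = [
    '192.0.2.10 - - [22/Mar/2011:16:28:50.591 -0400] "POST /services/broker/phonehome/ HTTP/1.0" 404 200 - - - 41ms',
    '192.0.2.11 - - [22/Mar/2011:16:29:20.602 -0400] "POST /services/broker/phonehome/ HTTP/1.0" 404 200 - - - 38ms',
    '192.0.2.10 - - [22/Mar/2011:16:29:25.000 -0400] "GET /services/example HTTP/1.0" 200 512 - - - 3ms',
]

if __name__ == "__main__":
    print(triage(SAMPLE_CLIENT, SAMPLE_SERVER))
```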