Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

1MB Forwarder license expiring?

Jason
Motivator
‎03-01-2011 02:46 PM

At a few customers now I have seen a 1MB (forwarder) license with an expiration of early March. I'm not sure where this came from - was this a bug?

user@host $ bin/splunk show license
Current Daily Usage Amount:     0
Expiration date:                2011-03-08T01:07:37-0500
Expiration State:               7
License level:                  1 MB
Product:                        Enterprise
License violations:
Max Violations:
Peak usage:                     0 MB
Days remaining:                 6 day(s)
Violation Period:
Tags (2)
Reply
1 Solution
Solved! Jump to solution
Solution

Ellen
Splunk Employee
Splunk Employee
‎03-02-2011 03:49 PM

This is a known issue. More details and options can be found here:
http://answers.splunk.com/questions/12167/why-is-the-license-on-the-forwarder-search-head-displaying...

View solution in original post

Reply
Solved! Jump to solution
Solution

Ellen
Splunk Employee
Splunk Employee
‎03-02-2011 03:49 PM

This is a known issue. More details and options can be found here:
http://answers.splunk.com/questions/12167/why-is-the-license-on-the-forwarder-search-head-displaying...

Reply
Solved! Jump to solution

Jason
Motivator
‎03-02-2011 03:58 PM

Thanks - This link actually has a copy of the correct license for folks out there. Good to know it's a known bug.

0 Karma
Reply
Solved! Jump to solution

yannK
Splunk Employee
Splunk Employee
‎03-02-2011 12:20 AM

A simple solution is to download a splunk 4.1.7 zip/tar.gz and use the forwarder license shipped in it /etc/splunk-forwarder.license

But at this step, why not upgrade directly to 4.1.7

Reply
Solved! Jump to solution

Jason
Motivator
‎03-02-2011 03:56 PM

Upgrading will not change the license by default.

0 Karma
Reply
Solved! Jump to solution

gkanapathy
Splunk Employee
Splunk Employee
‎03-01-2011 06:35 PM

This was a bug in one of the releases. You should be able to replace it with the forwarder license from a current release of Splunk. Note that this is mostly of no consequence on a forwarder, since the results of a license lockout are that you can't search, and there is (or should be) nothing to search on a forwarder.

0 Karma
Reply
Solved! Jump to solution

Jason
Motivator
‎03-10-2011 09:22 PM

But for other non-indexing uses, such as on a search head, it is of vital importance.

0 Karma
Reply
Solved! Jump to solution

David
Splunk Employee
Splunk Employee
‎03-01-2011 06:27 PM

There was a Splunk Answers a bit ago that said they accidentally shipped a bad forwarder.license in one release. It was a bit scant on details, so it's hard to confirm that it is your issue, but it certainly sounds like it.

http://answers.splunk.com/questions/11192/splunk-forwarder-license

Reply
Solved! Jump to solution

Jason
Motivator
‎03-02-2011 03:58 PM

More details (and proper license) in #12167.

0 Karma
Reply
Solved! Jump to solution

Jason
Motivator
‎03-01-2011 03:16 PM

The expiring license file starts with forwarder@splunk.com and the encrypted text began with RV7. When the license was changed to splunk-forwarder.license from the 4.1.6 64-bit linux tgz package, the date went back to 2020-06-08 as expected (that file starts with forwarder@splunk.com and the encrypted text starts with JbX).

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey

Can’t make it to .conf25? Join us online!

Watch Global Broadcast
Get Updates on the Splunk Community!

Splunk Lantern’s Guide to The Most Popular .conf25 Sessions

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Unlock What’s Next: The Splunk Cloud Platform at .conf25

In just a few days, Boston will be buzzing as the Splunk team and thousands of community members come together ...

Index This | How many sevens are there between 1 and 100?

August 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...