Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

1MB Forwarder license expiring?

Jason
Motivator
‎03-01-2011 02:46 PM

At a few customers now I have seen a 1MB (forwarder) license with an expiration of early March. I'm not sure where this came from - was this a bug?

user@host $ bin/splunk show license
Current Daily Usage Amount:     0
Expiration date:                2011-03-08T01:07:37-0500
Expiration State:               7
License level:                  1 MB
Product:                        Enterprise
License violations:
Max Violations:
Peak usage:                     0 MB
Days remaining:                 6 day(s)
Violation Period:
Tags (2)
Reply
1 Solution
Solved! Jump to solution
Solution

Ellen
Splunk Employee
Splunk Employee
‎03-02-2011 03:49 PM

This is a known issue. More details and options can be found here:
http://answers.splunk.com/questions/12167/why-is-the-license-on-the-forwarder-search-head-displaying...

View solution in original post

Reply
Solved! Jump to solution
Solution

Ellen
Splunk Employee
Splunk Employee
‎03-02-2011 03:49 PM

This is a known issue. More details and options can be found here:
http://answers.splunk.com/questions/12167/why-is-the-license-on-the-forwarder-search-head-displaying...

Reply
Solved! Jump to solution

Jason
Motivator
‎03-02-2011 03:58 PM

Thanks - This link actually has a copy of the correct license for folks out there. Good to know it's a known bug.

0 Karma
Reply
Solved! Jump to solution

yannK
Splunk Employee
Splunk Employee
‎03-02-2011 12:20 AM

A simple solution is to download a splunk 4.1.7 zip/tar.gz and use the forwarder license shipped in it /etc/splunk-forwarder.license

But at this step, why not upgrade directly to 4.1.7

Reply
Solved! Jump to solution

Jason
Motivator
‎03-02-2011 03:56 PM

Upgrading will not change the license by default.

0 Karma
Reply
Solved! Jump to solution

gkanapathy
Splunk Employee
Splunk Employee
‎03-01-2011 06:35 PM

This was a bug in one of the releases. You should be able to replace it with the forwarder license from a current release of Splunk. Note that this is mostly of no consequence on a forwarder, since the results of a license lockout are that you can't search, and there is (or should be) nothing to search on a forwarder.

0 Karma
Reply
Solved! Jump to solution

Jason
Motivator
‎03-10-2011 09:22 PM

But for other non-indexing uses, such as on a search head, it is of vital importance.

0 Karma
Reply
Solved! Jump to solution

David
Splunk Employee
Splunk Employee
‎03-01-2011 06:27 PM

There was a Splunk Answers a bit ago that said they accidentally shipped a bad forwarder.license in one release. It was a bit scant on details, so it's hard to confirm that it is your issue, but it certainly sounds like it.

http://answers.splunk.com/questions/11192/splunk-forwarder-license

Reply
Solved! Jump to solution

Jason
Motivator
‎03-02-2011 03:58 PM

More details (and proper license) in #12167.

0 Karma
Reply
Solved! Jump to solution

Jason
Motivator
‎03-01-2011 03:16 PM

The expiring license file starts with forwarder@splunk.com and the encrypted text began with RV7. When the license was changed to splunk-forwarder.license from the 4.1.6 64-bit linux tgz package, the date went back to 2020-06-08 as expected (that file starts with forwarder@splunk.com and the encrypted text starts with JbX).

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Unlocking Unified Insights: New Gigamon Federated Search App for Splunk

In today’s data-heavy environment, organizations are caught in a data distribution dilemma. As data volumes ...

GA: New Data Management App in Splunk Platform

Streamlining Data Management: Introducing a unified experience in Splunk Managing data at scale shouldn’t feel ...

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...