Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Encounter errors when installing Splunk forwarder on Windows 2003 DC

remy06
Contributor
‎10-08-2010 04:22 AM

Hi,

I have to reinstall Splunk on a different drive(from C:\ to D:) on our Windows 2003 domain controller.

When I tried to install again I've encountered these errors:
1)
Splunk installer was unable to enable Windows App
Splunk exicode = '2'

I closed it,it continues and encountered the 2nd error:
2)
Splunk installer was unable to start Splunk services
Please make sure you have provided the correct username and/or password,and the user you are trying to run Splunk as has the correct privileges. Exicode='1'

I've checked sevices.msc and splunkd and splunkweb are listed, but unable to start.

I have tried to install using the domain administrator account,and a user account that was given administrator privileges but both unsuccessful.

Now even when I tried to uninstall Splunk,splunkd and splunkweb doesn't get removed from services.msc, even after a reboot of the server.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

remy06
Contributor
‎10-21-2010 04:04 AM

Am not sure what went wrong here. But I've tested and started using WMI alternative to pull events from this server instead.

View solution in original post

0 Karma
Reply
Solved! Jump to solution

amN0P
Explorer
‎06-15-2012 02:34 PM

I am encountering the same issue with 4.3.2 I have tried a lot of different things (checked alternate machines, tried 4.3.1 etc) all running with admin rights. Can someone please post the remedy.

0 Karma
Reply
Solved! Jump to solution

ngoctuanqn
New Member
‎03-25-2011 03:24 AM

thanks u so much !!!

0 Karma
Reply
Solved! Jump to solution

jlford30
Explorer
‎02-03-2011 07:59 PM

SO do this:

1) Start > Run > services.msc 2) Find Splunkd 3) Right Click properties 4) Go to Log-on Tab 5) Re-fill in the: This Account Information 6) Click Apply 7) Click Ok 8) Start the 2 splunk services after allowing log-on services.

Reply
Solved! Jump to solution

jlford30
Explorer
‎02-03-2011 07:42 PM

Having the same issue. I even logged into the server with the newly created splunk service account with Domain Admin priv and still have this message. Exitcode = 4

Any remedies?

0 Karma
Reply
Solved! Jump to solution
Solution

remy06
Contributor
‎10-21-2010 04:04 AM

Am not sure what went wrong here. But I've tested and started using WMI alternative to pull events from this server instead.

0 Karma
Reply
Solved! Jump to solution

remy06
Contributor
‎10-11-2010 01:55 AM

Splunk does not require a reboot to uninstall if Im not wrong.I simply uninstall the previous version of Splunk at C:\, before I attempt to install it again on D:\

0 Karma
Reply
Solved! Jump to solution

ftk
Motivator
‎10-08-2010 01:11 PM

Did you uninstall Splunk cleanly before attempting to install again?

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Observability Simplified: Combining User Experience, Application Performance & ...

Tech Talk Observability Simplified: Combining User Experience, Application Performance & Network ...

Event Series May & June: From Network Visibility to Service Intelligence

Unifying the Network: Moving from Alert Noise to Service Intelligence with Splunk ITSI In today’s hybrid ...