Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Encounter errors when installing Splunk forwarder on Windows 2003 DC

remy06
Contributor
‎10-08-2010 04:22 AM

Hi,

I have to reinstall Splunk on a different drive(from C:\ to D:) on our Windows 2003 domain controller.

When I tried to install again I've encountered these errors:
1)
Splunk installer was unable to enable Windows App
Splunk exicode = '2'

I closed it,it continues and encountered the 2nd error:
2)
Splunk installer was unable to start Splunk services
Please make sure you have provided the correct username and/or password,and the user you are trying to run Splunk as has the correct privileges. Exicode='1'

I've checked sevices.msc and splunkd and splunkweb are listed, but unable to start.

I have tried to install using the domain administrator account,and a user account that was given administrator privileges but both unsuccessful.

Now even when I tried to uninstall Splunk,splunkd and splunkweb doesn't get removed from services.msc, even after a reboot of the server.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

remy06
Contributor
‎10-21-2010 04:04 AM

Am not sure what went wrong here. But I've tested and started using WMI alternative to pull events from this server instead.

View solution in original post

0 Karma
Reply
Solved! Jump to solution

amN0P
Explorer
‎06-15-2012 02:34 PM

I am encountering the same issue with 4.3.2 I have tried a lot of different things (checked alternate machines, tried 4.3.1 etc) all running with admin rights. Can someone please post the remedy.

0 Karma
Reply
Solved! Jump to solution

ngoctuanqn
New Member
‎03-25-2011 03:24 AM

thanks u so much !!!

0 Karma
Reply
Solved! Jump to solution

jlford30
Explorer
‎02-03-2011 07:59 PM

SO do this:

1) Start > Run > services.msc 2) Find Splunkd 3) Right Click properties 4) Go to Log-on Tab 5) Re-fill in the: This Account Information 6) Click Apply 7) Click Ok 8) Start the 2 splunk services after allowing log-on services.

Reply
Solved! Jump to solution

jlford30
Explorer
‎02-03-2011 07:42 PM

Having the same issue. I even logged into the server with the newly created splunk service account with Domain Admin priv and still have this message. Exitcode = 4

Any remedies?

0 Karma
Reply
Solved! Jump to solution
Solution

remy06
Contributor
‎10-21-2010 04:04 AM

Am not sure what went wrong here. But I've tested and started using WMI alternative to pull events from this server instead.

0 Karma
Reply
Solved! Jump to solution

remy06
Contributor
‎10-11-2010 01:55 AM

Splunk does not require a reboot to uninstall if Im not wrong.I simply uninstall the previous version of Splunk at C:\, before I attempt to install it again on D:\

0 Karma
Reply
Solved! Jump to solution

ftk
Motivator
‎10-08-2010 01:11 PM

Did you uninstall Splunk cleanly before attempting to install again?

0 Karma
Reply
Get Updates on the Splunk Community!

Unlock Database Monitoring with Splunk Observability Cloud

  In today’s fast-paced digital landscape, even minor database slowdowns can disrupt user experiences and ...

Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All

At Cisco, purpose isn’t a tagline—it’s a commitment. Cisco’s FY25 Purpose Report outlines how the company is ...

[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk

Join us for a live Demo Day at the Cisco Store on January 21st 10:00am - 11:00am PST In the fast-paced world ...