Getting Data In

Failed to write usn context

srich
Explorer

I am seeing the following errors over and over again in my splunkd.log file. I'm not sure where to go to resolve this. Any thoughts?

05-20-2010 11:15:54.163 ERROR ExecProcessor - message from ""C:\Program Files\Splunk\bin\splunk-admon.exe"" splunk-admon - run: Failed to write usn context. 05-20-2010 11:15:54.163 ERROR ExecProcessor - message from ""C:\Program Files\Splunk\bin\splunk-admon.exe"" splunk-admon - main: Failed to run ADMonitor='NearestDC', targedDC='{FQDN of DC}'

Tags (1)
1 Solution

Ledio_Ago
Splunk Employee
Splunk Employee

It sounds like Active Directory monitor program, splunk-admon.exe, couldn't save its checkpoint value, which is a USN string.

Check and see if the checkpoint file is created under:

Splunk\var\lib\splunk\persistentstorage\ADMon\NearestDC.ini

For some reason we can't write to that file.

View solution in original post

Ledio_Ago
Splunk Employee
Splunk Employee

It sounds like Active Directory monitor program, splunk-admon.exe, couldn't save its checkpoint value, which is a USN string.

Check and see if the checkpoint file is created under:

Splunk\var\lib\splunk\persistentstorage\ADMon\NearestDC.ini

For some reason we can't write to that file.

Ledio_Ago
Splunk Employee
Splunk Employee

Glad to hear you got it fixed.
How did it get to that state, do you know?

0 Karma

srich
Explorer

The file was there but permissions were wrong. Thanx.

0 Karma
Get Updates on the Splunk Community!

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...