Solved: How to prevent a PID file from causing one of our ...

katanguriabhi · ‎10-05-2016

Hi,

I got an issue with one of the Universal Forwarder. It is automatically shutting down and when I restart, it is again shutting down immediately. According to what I see when I check status, I figured it out it was the problem with PID files and tried to manually remove them from /opt/splunkforwarder/var/run/splunk . Even after this, I can't find a solution. Can some one help me out?

Thanks 🙂

Attached the pic for reference.

katanguriabhi · ‎10-11-2016

It was the Ulimits on the box that causes issue. I changed the ulimit values to unlimit after looking into Splunkd logs accordingly and it worked perfectly. May be at first i ignored the WARN message in Splunkd logs as we doesn't pay much attention to warnings 😛

View solution in original post

katanguriabhi · ‎10-11-2016

It was the Ulimits on the box that causes issue. I changed the ulimit values to unlimit after looking into Splunkd logs accordingly and it worked perfectly. May be at first i ignored the WARN message in Splunkd logs as we doesn't pay much attention to warnings 😛

How to prevent a PID file from causing one of our universal forwarders to shut down?

Index This | What is broken 80% of the time by February?

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Splunk MCP & Agentic AI: Machine Data Without Limits

Join the Conversation

How to prevent a PID file from causing one of our universal forwarders to shut down?

Index This | What is broken 80% of the time by February?

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Splunk MCP & Agentic AI: Machine Data Without Limits