Installing of Splunk Universal Forward ver 9.0.0 o...

Mel-at-CHC · ‎11-02-2022

I have been experiencing issues with getting the Splunk Universal Forwarder agent installed on AIX 7.1 and 7.2 servers. The issue I am having is that after installation of the Splunk UF agent and starting the "splunkd" daemon, it runs for a few seconds and then dies (see details below). Has anyone had this issue? And if so, can you provide insight, or a resolution?

root@PA-CLMLD001:/:
root@PA-CLMLD001:/: ps -ef | grep splunkd
    root  7733308 18350184   0 10:48:09  pts/0  0:00 grep splunkd
root@PA-CLMLD001:/: /usr/bin/startsrc -s splunkd
0513-059 The splunkd Subsystem has been started. Subsystem PID is 7405708.
root@PA-CLMLD001:/: ps -ef | grep splunkd
    root  7405712  2752706 103 10:51:31      -  0:01 splunkd --nodaemon -p 8089 _internal_exec_splunkd
    root 11403272 18350184   0 10:51:35  pts/0  0:00 grep splunkd
    root 22544524  7405712   0 10:51:33      -  0:00 [splunkd pid=7405712] splunkd --nodaemon -p 8089 _internal_exec_splunkd [process-runner]
root@PA-CLMLD001:/: ps -ef | grep splunkd
    root  7733300 18350184   0 10:51:46  pts/0  0:00 grep splunkd
root@PA-CLMLD001:/:

Thanks,

Mel

richgalloway · ‎11-02-2022

Check splunkd.log and journalctl to see if they report why Splunk is stopping.

---
If this reply helps you, Karma would be appreciated.

Installing of Splunk Universal Forward ver 9.0.0 on AIX 7.1 and 7.2 - The splunkd daemon dies seconds after startup

universal forwarder

Introducing the 2024 SplunkTrust!

Introducing the 2024 Splunk MVPs!

Splunk Custom Visualizations App End of Life