Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Socket not supported error while installing universal forwarder on Bash (Virtual machine on windows)

deepak02
Path Finder
‎01-27-2017 09:59 PM

Hi,

I am trying to install a universal forwarder on Bash(Virtual Linux terminal on windows).

Step 1: Install Splunk universal forwarder using - tar xvzf splunkforwarder-6.5.2-67571ef4b87d-linux-2.6-x86_64 -C /opt
Step 2:Start Splunk using ./splunk start --accept-license

When I execute ./splunk start --accept-license, I am getting the error,

Splunk> Now with more code!

    Checking prerequisites...
            Checking mgmt port [8089]: open
    terminate called after throwing an instance of 'ProcessRunnerException'
      what():  cannot set up ProcessRunner fd passing socket: Socket type not supported
    Dying on signal #6 (si_code=-6), sent by PID 135 (UID 0). Attempting to clean up pidfile
    ERROR: pid 135 terminated with signal 6 (core dumped)
    SSL certificate generation failed.

I am using Splunk Enterprise. Please help me out.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

Richfez
SplunkTrust
SplunkTrust
‎01-29-2017 05:02 AM

I'm not positive of all the details, but Windows 10's Bash Shell isn't a full distribution nor a proper VM, but instead just an emulation layer.

As such, I expect the Linux UF may not work. The errors you are getting seem to indicate as well that the emulation layer isn't complete enough for the *nix UF. Indeed, the article I link to above says that "server software" won't work. I'm not sure exactly what they mean by that, but that may be as simple as "You can't open sockets", which seems to be exactly what your testing shows.

So while I applaud the attempt, I expect you will have better luck installing the Windows UF.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

Richfez
SplunkTrust
SplunkTrust
‎01-29-2017 05:02 AM

I'm not positive of all the details, but Windows 10's Bash Shell isn't a full distribution nor a proper VM, but instead just an emulation layer.

As such, I expect the Linux UF may not work. The errors you are getting seem to indicate as well that the emulation layer isn't complete enough for the *nix UF. Indeed, the article I link to above says that "server software" won't work. I'm not sure exactly what they mean by that, but that may be as simple as "You can't open sockets", which seems to be exactly what your testing shows.

So while I applaud the attempt, I expect you will have better luck installing the Windows UF.

0 Karma
Reply
Solved! Jump to solution

deepak02
Path Finder
‎01-29-2017 08:36 AM

Thankyou very much.

For anyone else facing the same issue, the forwarder installation on Linux/Unix works when you install VMWare on you Windows PC, and install the forwarder on the VM.

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...