Getting Data In

Socket not supported error while installing universal forwarder on Bash (Virtual machine on windows)

deepak02
Path Finder

Hi,

I am trying to install a universal forwarder on Bash(Virtual Linux terminal on windows).

Step 1: Install Splunk universal forwarder using - tar xvzf splunkforwarder-6.5.2-67571ef4b87d-linux-2.6-x86_64 -C /opt
Step 2:Start Splunk using ./splunk start --accept-license

When I execute ./splunk start --accept-license, I am getting the error,

Splunk> Now with more code!

    Checking prerequisites...
            Checking mgmt port [8089]: open
    terminate called after throwing an instance of 'ProcessRunnerException'
      what():  cannot set up ProcessRunner fd passing socket: Socket type not supported
    Dying on signal #6 (si_code=-6), sent by PID 135 (UID 0). Attempting to clean up pidfile
    ERROR: pid 135 terminated with signal 6 (core dumped)
    SSL certificate generation failed.

I am using Splunk Enterprise. Please help me out.

0 Karma
1 Solution

Richfez
SplunkTrust
SplunkTrust

I'm not positive of all the details, but Windows 10's Bash Shell isn't a full distribution nor a proper VM, but instead just an emulation layer.

As such, I expect the Linux UF may not work. The errors you are getting seem to indicate as well that the emulation layer isn't complete enough for the *nix UF. Indeed, the article I link to above says that "server software" won't work. I'm not sure exactly what they mean by that, but that may be as simple as "You can't open sockets", which seems to be exactly what your testing shows.

So while I applaud the attempt, I expect you will have better luck installing the Windows UF.

View solution in original post

0 Karma

Richfez
SplunkTrust
SplunkTrust

I'm not positive of all the details, but Windows 10's Bash Shell isn't a full distribution nor a proper VM, but instead just an emulation layer.

As such, I expect the Linux UF may not work. The errors you are getting seem to indicate as well that the emulation layer isn't complete enough for the *nix UF. Indeed, the article I link to above says that "server software" won't work. I'm not sure exactly what they mean by that, but that may be as simple as "You can't open sockets", which seems to be exactly what your testing shows.

So while I applaud the attempt, I expect you will have better luck installing the Windows UF.

0 Karma

deepak02
Path Finder

Thankyou very much.

For anyone else facing the same issue, the forwarder installation on Linux/Unix works when you install VMWare on you Windows PC, and install the forwarder on the VM.

0 Karma
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...