Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Splunk enterprise webserver is stuck

vchennuri
Engager
‎10-08-2019 10:47 AM

My splunk enterprise webserver is stuck as below and starting:

Splunk> 4TW

Checking prerequisites...
        Checking http port [8000]: open
        Checking mgmt port [8089]: open
        Checking appserver port [127.0.0.1:8065]: open
        Checking kvstore port [8191]: open
        Checking configuration... Done.
        Checking critical directories...        Done
        Checking indexes...
                Validated: _audit _internal _introspection _telemetry _thefishbucket collectd history mail main secure summary unix_summary
        Done
        Checking filesystem compatibility...  Done
        Checking conf files for problems...
        Done
        Checking default conf files for edits...
        Validating installed files against hashes from '/opt/splunk/splunk-7.3.0-657388c7a488-linux-2.6-x86_64-manifest'
File '/opt/splunk/etc/system/default/alert_actions.conf' changed.
File '/opt/splunk/etc/system/default/web.conf' changed.
        Problems were found, please review your files and move customizations to local
All preliminary checks passed.

Starting splunk server daemon (splunkd)...
Done
 [  OK  ]

Waiting for web server at https://127.0.0.1:8000 to be available...

Can someone help please ?

0 Karma
Reply

badrinath_itrs
Communicator
‎10-09-2019 04:28 AM

Hi,

First of all you should not be modifying the files present in $SPLUNK_HOME/etc/system/default location which is shipped by SPLUNK. If you want to modify them, please create a new .conf file in either $SPLUNK_HOME/etc/system/local or $SPLUNK_HOME/etc/apps//local directory with your setting.

Please check splunkd.log and see if you are getting any error there. It appears to me you have modified some settings in web.conf file in $SPLUNK_HOME/etc/system/default which might be causing this issue.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Index This | What travels the world but is also stuck in place?

April 2026 Edition  Hayyy Splunk Education Enthusiasts and the Eternally Curious!   We’re back with this ...

Discover New Use Cases: Unlock Greater Value from Your Existing Splunk Data

Realizing the full potential of your Splunk investment requires more than just understanding current usage; it ...

Continue Your Journey: Join Session 2 of the Data Management and Federation Bootcamp ...

As data volumes continue to grow and environments become more distributed, managing and optimizing data ...