Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
- :
- Re: Starting Splunk from post_backup script?
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
gljiva
Path Finder
02-11-2011
09:15 AM
Hi, I'm having a problem with ARCserve post backup script that should start Splunk again. Prebackup script for stopping Splunk works fine but uag_post_backup can't seem to start Splunk again. I should note that when I manually run script from shell it works fine, but when ARCserve starts script then Splunk has problems starting. Here is uag_post_backup source:
#!/bin/bash
export SPLUNK_HOME=/opt/splunk
date >> /tmp/uag_post.txt
echo "Starting process..." >> /tmp/uag_post.txt
RET=1
while [ $RET = 1 ]
do
echo "In loop" >> /tmp/uag_post.txt
id >> /tmp/uag_post.txt
/opt/splunk/bin/splunk start >> /tmp/uag_post.txt | 2>> /tmp/uag_post.txt
echo "After start" >> /tmp/uag_post.txt
sleep 10
/opt/splunk/bin/splunk status >> /tmp/uag_post.txt | 2>> /tmp/uag_post.txt
/opt/splunk/bin/splunk status | grep "splunkd is running"
RET=$?
echo "Loop end" >> /tmp/uag_post.txt
sleep 5
done
This script generates following log file:
Thu Feb 10 11:36:31 CET 2011
Starting process...
In loop
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
Splunk> Take the sh out of IT.
Checking prerequisites...
Checking http port [8000]: open
Checking mgmt port [8089]: Checking configuration... Done.
open
After start
splunkd is not running.
splunkweb is not running.
Loop end
In loop
Splunk> Take the sh out of IT.
Checking prerequisites...
Checking http port [8000]: open
Checking mgmt port [8089]: Checking configuration... Done.
open
After start
splunkd is not running.
splunkweb is not running.
Loop end
In loop
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
Splunk> Take the sh out of IT.
Checking prerequisites...
Checking http port [8000]: open
Checking mgmt port [8089]: Checking configuration... Done.
open
After start
splunkd is not running.
splunkweb is not running.
Loop end
I have removed the rest because this just loops and generates same log because Splunk can't start. Any ideas or ways to start Splunk reliably?
1 Solution
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
gljiva
Path Finder
03-30-2011
02:52 PM
The only way to start Splunk from a script without it crashing is to schedule it's start from a script with at command.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
gljiva
Path Finder
03-30-2011
02:52 PM
The only way to start Splunk from a script without it crashing is to schedule it's start from a script with at command.
Get Updates on the Splunk Community!
Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...
As of today, Enterprise Security (ES) Essentials 8.3 is now generally available, helping SOC teams simplify ...
AI for AppInspect
We’re excited to announce two new updates to AppInspect designed to save you time and make the app approval ...
App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community
As we step into 2026, it’s the perfect moment to reflect on what an extraordinary year 2025 was for the Splunk ...
