Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Why am I getting "Service 'splknetdrv' could not be stopped! Error = 1062" in splunkd.log after restarting Windows universal forwarder?

dlpco
Path Finder
‎10-02-2014 05:42 PM

I am finding the following error in the splunkd.log of the forwarder running on a Windows machine after restarting the forwarder:

10-02-2014 16:57:49.603 -0700 ERROR ExecProcessor - message from "D:\SplunkUniversalForwarder\bin\splunk-netmon.exe" splunk-netmon - NetmonStopDriver - Service 'splknetdrv' could not be stopped!  Error = 1062
Reply

rovechkin
Explorer
‎02-20-2015 03:52 PM

this can happen is the driver was busy processing network packets. Eventually it will be shut down by Windows SCM. Let me know if this is persistent issue.

0 Karma
Reply

dstaulcu
Builder
‎02-21-2015 07:15 AM

I get this problem too.. on many servers.. some very busy, some not-so-busy

0 Karma
Reply

rovechkin
Explorer
‎02-23-2015 10:41 AM

Thanks for reporting! We will take a look at the issue, whoever it is probably benign - the driver might be just a bit busy and will eventually be shut down.

0 Karma
Reply

dlpco
Path Finder
‎10-02-2014 05:43 PM

Sorry - the backslashs in the path were stripped out for some reason.

0 Karma
Reply

musskopf
Builder
‎01-13-2015 02:32 PM

Did you find a solution? I'm trying to enable netmon over here and getting the same error... my Splunk UNF is 6.1.1

Reply

dlpco
Path Finder
‎01-21-2015 10:31 PM

I never did get an answer, I updated to 6.2.1 and installed the indexer on LINUX and issue was not encountered again.

0 Karma
Reply
Get Updates on the Splunk Community!

Demo Day: Strengthen Your SOC with Splunk Enterprise Security 8.1

Today’s threat landscape is more complex than ever. Security operation centers (SOCs) are overwhelmed with ...

Dashboards: Hiding charts while search is being executed and other uses for tokens

There are a couple of features of SimpleXML / Classic dashboards that can be used to enhance the user ...

Splunk Observability Cloud's AI Assistant in Action Series: Explaining Metrics and ...

This is the fourth post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how ...