I was getting connection refused in the browser (localhost:8000/en-US/app/launcher/home). I was able to start splunk in Windows Services, but received the following Access Denied errors when attempting to start the service in the CLI. Any idea why? I was not logged in as a system admin in case that matters.
C:\Program Files\Splunk\bin>splunk start
Splunk> Like an F-18, bro.
Checking prerequisites... Checking http port : open Checking mgmt port : open Checking appserver port [127.0.0.1:8065]: open ERROR - Failed opening "C:\Program Files\Splunk\var\log\splunk\splunkd-utility.log": Access is denied. Checking configuration... Done. Failed to open splunk.secret 'C:\Program Files\Splunk\etc\auth\splunk.secret' file. Some passwords will not work. errno=Access is denied. Unable to read 'C:\Program Files\Splunk\etc\auth\splunk.secret' file. Checking critical directories... Done ERROR - Failed opening "C:\Program Files\Splunk\var\log\splunk\splunkd-utility.log": Access is denied. Checking indexes... homePath='C:\Program Files\Splunk\var\lib\splunk\audit\db' of index=_audit on unusable filesystem. Validating databases (splunkd validatedb) failed with code '1'. If you cannot resolve the issue(s) above after consulting documentation, please file a case online at splunk.com/page/submit_issue
That very much reads like a permissions problem. Using the account from which you tried to start Splunk, can you access those files?
C:\Program Files\Splunk\var\log\splunk\splunkd-utility.log C:\Program Files\Splunk\etc\auth\splunk.secret
I can open the first, but receive access denied on the second when running the CLI with a non-admin account. Ran as Admin and was able to open both. Newbie B-P
When restarting splunk from CLI, did you open the Command prompt as Administrator?
Not at first, but that was the problem. Ran Command prompt as Administrator and no more errors received.
try setting this
OPTIMISTICABOUTFILELOCKING = 1
This error should encounter when installing splunk on mac0s
So that you can close this out, I'll post this as an answer:
That very much reads like a permissions problem. Try running Splunk as an admin-level user. That should give you permissions to read and write the appropriate files.