Why am I unable to delete Splunk from an Ubuntu se...

splunkfly · ‎04-18-2016

I tried deleting Splunk completely from the Ubuntu server. I'm able to delete the splunk_home directory, but when I refresh I could see the Splunk directory again. I tried multiple times, but it is still not getting deleted. Under Splunk_Home I can barely see one directory Splunk_Home/var/

Please help me to delete this completely from my system. I stopped the Splunk server before I deleted with /bin/splunk stop

jensonthottian · ‎04-18-2016

what user are you logged in as, do you have permissions to delete it.

Try doing a sudo su - root before using the rm command.

splunkfly · ‎04-19-2016

Yes, I'm a root user. I have all the permissions, it is getting deleted when i delete it, but after few minutes the directory appears again at the same location.

jensonthottian · ‎04-19-2016

For sure you might have some process running which creates again files and dirs you just deleted.

Run the below and please provide the result:

cd /opt/splunk ; df .

splunkfly · ‎04-20-2016

Filesystem 1K-blocks Used Available Use% Mounted on
/dev/dm-0 80083800 2456832 73535884 4% /

Why am I unable to delete Splunk from an Ubuntu server?

Can’t make it to .conf25? Join us online!

Community Content Calendar, September edition

Splunkbase Unveils New App Listing Management Public Preview

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Are you a member of the Splunk Community?

Why am I unable to delete Splunk from an Ubuntu server?

Can’t make it to .conf25? Join us online!

Community Content Calendar, September edition

Splunkbase Unveils New App Listing Management Public Preview

Leveraging Automated Threat Analysis Across the Splunk Ecosystem