Why am I unable to delete Splunk from an Ubuntu se...

splunkfly · ‎04-18-2016

I tried deleting Splunk completely from the Ubuntu server. I'm able to delete the splunk_home directory, but when I refresh I could see the Splunk directory again. I tried multiple times, but it is still not getting deleted. Under Splunk_Home I can barely see one directory Splunk_Home/var/

Please help me to delete this completely from my system. I stopped the Splunk server before I deleted with /bin/splunk stop

jensonthottian · ‎04-18-2016

what user are you logged in as, do you have permissions to delete it.

Try doing a sudo su - root before using the rm command.

splunkfly · ‎04-19-2016

Yes, I'm a root user. I have all the permissions, it is getting deleted when i delete it, but after few minutes the directory appears again at the same location.

jensonthottian · ‎04-19-2016

For sure you might have some process running which creates again files and dirs you just deleted.

Run the below and please provide the result:

cd /opt/splunk ; df .

splunkfly · ‎04-20-2016

Filesystem 1K-blocks Used Available Use% Mounted on
/dev/dm-0 80083800 2456832 73535884 4% /

Why am I unable to delete Splunk from an Ubuntu server?

[Puzzles] Solve, Learn, Repeat: Dynamic formatting from XML events

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Join the Conversation

Why am I unable to delete Splunk from an Ubuntu server?

[Puzzles] Solve, Learn, Repeat: Dynamic formatting from XML events

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...