Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Why am I unable to start Splunk Universal Forwarder after installing on Isilon/Linux?

jasondillard74
New Member
‎10-03-2016 09:01 AM

Got the universal forwarder installed on my Isilon. (/opt/Splunk/splunkforwarder/)
Trying to follow the directions to start the service up but its not working. I'm not a Linux guy...

ktfs01-2# cd /opt/Splunk/splunkforwarder
ktfs01-2# ./splunk start
ELF binary type "0" not known.
zsh: exec format error: ./splunk
ktfs01-2# ls
btool                   bzip2                   copyright.txt           genSignedServerCert.sh  openssl                 scripts                 splunk                  splunkdj                srm
btprobe                 classify                genRootCA.sh            genWebCert.sh           pid_check.sh            setSplunkEnv            splunkd                 splunkmon
ktfs01-2#
0 Karma
Reply

Michael_Carlisl
Explorer
‎10-03-2016 09:15 AM

Interesting that your splunk executable is not in /opt/Splunk/splunkforwarder/bin. Do you have a bin in SPLUNKHOME?

0 Karma
Reply

jasondillard74
New Member
‎10-03-2016 09:21 AM

It is in bin actually.... sorry, accidentally left that part out of the path above.

0 Karma
Reply

Michael_Carlisl
Explorer
‎10-03-2016 09:48 AM

Ah Gotcha! I'm assuming you got the correct linux version for the forwarder? Once I ran tar xvzf on the .tgz file, I was able to run ./splunk commands.

0 Karma
Reply

jasondillard74
New Member
‎10-03-2016 09:57 AM

I don't know what the deal is... I downloaded the x64 version straight from Splunks site.
Here's a better rundown on my Putty. I renamed the file to splunk.tgz, then copied it to the /opt/Splunk/ folder via WinSCP. When I extracted it, It created the splunkforwarder folder and all underlying files/folders.

ktfs01-2# tar xvzf splunk.tgz
x splunkforwarder/
x splunkforwarder/etc/
x splunkforwarder/etc/deployment-apps/
x splunkforwarder/etc/deployment-apps/README............................etc.

ktfs01-2# cd /opt/Splunk/splunkforwarder/bin
ktfs01-2# ./splunk start
ELF binary type "0" not known.
zsh: exec format error: ./splunk
ktfs01-2#

0 Karma
Reply
Get Updates on the Splunk Community!

New Case Study Shows the Value of Partnering with Splunk Academic Alliance

The University of Nevada, Las Vegas (UNLV) is another premier research institution helping to shape the next ...

How to Monitor Google Kubernetes Engine (GKE)

We’ve looked at how to integrate Kubernetes environments with Splunk Observability Cloud, but what about ...

Index This | How can you make 45 using only 4?

October 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...