Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Why has Splunk stopped indexing my files?

dshakespeare_sp
Splunk Employee
Splunk Employee
‎01-26-2017 12:50 AM

Customer reported that a standalone Splunk Indexer had stopped indexing any monitored files.
They also noticed that :

  • Splunks _internal index was no longer been written to.
  • The Splunk GUI was available and "splunk status" showed splunk was running
  • Splunks log files in $SPLUNK_HOME/var/log/splunk were being written to corectly
Reply

dshakespeare_sp
Splunk Employee
Splunk Employee
‎01-26-2017 12:59 AM

In splunkd.log the following error was observered

WARN  TailingProcessor - Called run() on disabled instance.  Will not run.

This message appears when disabled=true is set in a global/default stanza in inputs.conf
In $SPLUNK_HOME/etc/system/local/inputs.conf it was found that the following stanza had been mistakenly set

[default]
disabled = 1
index = test
sourcetype = testing

When this stanza was removed and Splunk was restarted, indexing resumed correctly

Reply

jplumsdaine22
Influencer
‎01-26-2017 03:34 AM

Don't forget to mark as answered 🙂

Reply
Get Updates on the Splunk Community!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...

Fun with Regular Expression - multiples of nine

Fun with Regular Expression - multiples of nineThis challenge was first posted on Slack #regex channel ...