Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Why is Splunk enterprise webserver is stuck?

vchennuri
Engager
‎10-08-2019 10:15 AM

My splunk enterprise is stuck below and not starting.

Splunk> 4TW

Checking prerequisites...
        Checking http port [8000]: open
        Checking mgmt port [8089]: open
        Checking appserver port [127.0.0.1:8065]: open
        Checking kvstore port [8191]: open
        Checking configuration... Done.
        Checking critical directories...        Done
        Checking indexes...
                Validated: _audit _internal _introspection _telemetry _thefishbucket collectd history mail main secure summary unix_summary
        Done
        Checking filesystem compatibility...  Done
        Checking conf files for problems...
        Done
        Checking default conf files for edits...
        Validating installed files against hashes from '/opt/splunk/splunk-7.3.0-657388c7a488-linux-2.6-x86_64-manifest'
File '/opt/splunk/etc/system/default/alert_actions.conf' changed.
        Problems were found, please review your files and move customizations to local
All preliminary checks passed.

Starting splunk server daemon (splunkd)...
Done
 [  OK  ]

Waiting for web server at https://127.0.0.1:8000 to be available...

Can someone help please?

0 Karma
Reply

ivanreis
Builder
‎10-08-2019 05:54 PM

Check if there is any error message at splunkd.log/web_service.log at $SPLUNK_HOME/var/log/splunk.
I had similar issues in the past and I am not able to identify the root cause even doing some troubleshooting on the log files I mentioned.

To fix the web server issues in my case, I have to reinstall Splunk using the same version already previously installed and it had worked. Try to revert the previous changes you had deployed to check it can be the root cause.

Please run a backup first at the entire /etc folder before you deploy any changes, just to make sure you are able to recover all the configuration and apps.

0 Karma
Reply

vchennuri
Engager
‎10-08-2019 10:45 AM

Rephrasing my question
My splunk enterprise webserver is stuck as below and Not starting.

0 Karma
Reply

marcus_santos_s
Path Finder
‎10-08-2019 11:42 AM

Hello, Vchennuri,

Is this server in Search Head Cluster?
I had a similar problem and the cause was the Configuration Bundle.

0 Karma
Reply
Get Updates on the Splunk Community!

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...

Cloud Platform & Enterprise: Classic Dashboard Export Feature Deprecation

As of Splunk Cloud Platform 9.3.2408 and Splunk Enterprise 9.4, classic dashboard export features are now ...