- Find Answers
- :
- Splunk Administration
- :
- Admin Other
- :
- Installation
- :
- Error while validating databases - fresh installat...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The server is a fresh installation of Fedora 19 x86_64, it is a completely minimal install with nothing else really added other than vim and git. I've set SELinux to permissive, and my firewall is still blocking all incoming traffic other than SSH but I did test with it turned off and the issue remains. After installing Splunk-6.0.s omething I ran
cd /opt/splunk/bin/
./splunk --accept-license --answer-yes
and I get
Splunk> Be an IT superhero. Go home early.
Checking prerequisites...
Checking http port [8000]: open
Checking mgmt port [8089]: open
Checking configuration... Done.
Creating: /opt/splunk/var/run/splunk
Creating: /opt/splunk/var/run/splunk/appserver/i18n
Creating: /opt/splunk/var/run/splunk/appserver/modules/static/css
Creating: /opt/splunk/var/run/splunk/upload
Creating: /opt/splunk/var/spool/splunk
Creating: /opt/splunk/var/spool/dirmoncache
Creating: /opt/splunk/var/lib/splunk/authDb
Creating: /opt/splunk/var/lib/splunk/hashDb
Checking critical directories... Done
Checking indexes...
homePath='/opt/splunk/var/lib/splunk/audit/db' of index=_audit on unusable filesystem.
Validating databases (splunkd validatedb) failed with code '1'. If you cannot resolve the issue(s) above after consulting documentation, please file a case online at http://www.splunk.com/page/submit_issue
I'm not really sure where it gets the idea the the filesystem is unusable, I did after all just install it to the same location that it's writing to. I did not however setup a new Splunk user account, but I don't think I've ever done that in the past when I've used previous versions.
Gracias.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Apparently it's btrfs related. That's dumb.
http://answers.splunk.com/answers/9035/can-i-run-splunk-on-btrfs
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
it also is possible that you have to check if your database location still owned by splunk user.
I start splunk with user splunk from splunk group.
I tested a configuration and started splunk as root and does some configuration.
After that some files in my Database location was no owned by root and not the splunk user.
After that i would restart splunk with the splunk user and got the same Error Message.
homePath='/opt/splunk/var/lib/splunk/audit/db' of index=_audit on unusable filesystem.
Validating databases (splunkd validatedb) failed with code '1'. If you cannot resolve the issue(s) above after consulting documentation, please file a case online at http://www.splunk.com/page/submit_issue
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Apparently it's btrfs related. That's dumb.
http://answers.splunk.com/answers/9035/can-i-run-splunk-on-btrfs
Harnessing Splunk’s Federated Search for Amazon S3
Infographic provides the TL;DR for the 2024 Splunk Career Impact Report
Enterprise Security Content Update (ESCU) | New Releases
