Installation

Splunk standalone server: Why after the OS update the Splunk is unable to run the service?

iamtheclient20
Explorer

Splunk Version: 8
OS: Windows Server

Good afternoon.

Maybe someone here may give me an idea how to troubleshoot.
Customer update the OS of Windows server, then after the OS update the Splunk is unable to run the service.
WARNING: Seems web interface is not to be available.

No logs written in splunkd.log

The folder or directory of Splunk is under Splunk user.

Thank you.

Labels (1)
Tags (1)
0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @iamtheclient20,

at first, did you disabled the Windows local firewall or another protectio?

What's the version of the new windows?

Splunk 8.X is certified for Windows 10, Windows Server 2016 and 2019.

Ciao.

Giuseppe

0 Karma

iamtheclient20
Explorer

Windows Server 2012 R2 Standard. We already check the itself firewall seems ok .

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @iamtheclient20,

this windows version isn't certified for Splunk 8, and this could be the issue, even if I don't think.

Are you able co connect to the server, using the browser, from itself?

If you can open a case to Splunk Support.

Ciao.

Giuseppe

0 Karma

iamtheclient20
Explorer

I am not able to connect using browser ifself. Yes, upon checking OS version is not supported. Thanks

0 Karma

isoutamo
SplunkTrust
SplunkTrust

Based on this https://docs.splunk.com/Documentation/Splunk/7.3.9/Installation/Systemrequirements Splunk 7.3 is latest officially supported version for Window 2012 or 2012 R2.

Platform support changes in version 8.0 also confirm that.

Anyhow Windows 2012R2 will be out of support quite soon (https://learn.microsoft.com/en-us/lifecycle/announcements/windows-server-2012-r2-end-of-support) so you should upgrade it anyhow to some recent version to secure your environment.

0 Karma

iamtheclient20
Explorer

Thank you for these reference, we will consider that.

0 Karma

isoutamo
SplunkTrust
SplunkTrust

Hi

Have you try to start it manually?

If splunk logs haven't anything, are you check also windows event viewer?

Which Windows version + exact splunk version 8.2.??

Physical or virtual hardware?

r. Ismo

0 Karma

iamtheclient20
Explorer

Splunk Version 8.2.6, residing in physical server.
I also tried to start the splunk using windows services but not luck.
I did not check this windows event viewer.

I am thinking to update to latest version of Splunk.

0 Karma
Get Updates on the Splunk Community!

Index This | Divide 100 by half. What do you get?

November 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Stay Connected: Your Guide to December Tech Talks, Office Hours, and Webinars!

❄️ Celebrate the season with our December lineup of Community Office Hours, Tech Talks, and Webinars! ...

Splunk and Fraud

Watch Now!Watch an insightful webinar where we delve into the innovative approaches to solving fraud using the ...