splunkd service is trying to start after windows server reboot but it stops suddenly.
MS has confirmed that there is no issue from Service Control Manager.
This Splunk service stoppage is found only on the servers after the patching reboot.
 
					
				
		
 
		
		
		
		
		
	
			
		
		
			
					
		Hi @pavan1,
what's the hardware configuration of this machine?
Are you speaking of Splunk Enterprise or Universal Forwarder?
could you share the last relevant rows of $SPLUNK_HOME/var/log/splunk/splunkd.log ?
Ciao.
Giuseppe
it is universal forwarder.
 
					
				
		
 
		
		
		
		
		
	
			
		
		
			
					
		Hi @pavan1,
I experienced this behavior when there aren't sufficient resources to run UF, what's the hardware configuration of this machine?
could you share the last relevant rows of $SPLUNK_HOME/var/log/splunk/splunkd.log ?
Ciao.
Giuseppe
All of them are virtual servers are windows 2016 & 2019 standard, hosted through vmware.
RAM Size varies from minimum 16 GB to 64 GB depending on the server role.
CPU is Intel 2.3 Ghz with minimum 2 cpu count & dual core.
With minimum OS Drive of 180 GB
Trying to get the logs as asked.
