Re: One server has splunk service failling and it ...

meetbikash · ‎04-11-2022

One server has splunk service failling and it seems splunk-winevtlog.exe is not started.

there of two services are up and one is alwasys down and not started.

reinstalled agent but still didnot help.

SplunkForwarder Service Windows Service Monitor Up
Up splunkd.exe Process Monitor - Windows Up
Down splunk-winevtlog.exe Process Monitor - Windows Down

gcusello · ‎04-11-2022

Hi @meetbikash,

splunk-winevtlog.exe is the connector to read wineventlog data.

Which operative system are you using and which splunk version?

have you an antivirus, because it seems that there's a problem on a single process to start.

Eventually open a Case to Splunk Support.

Ciao.

Giuseppe

meetbikash · ‎04-11-2022

Thanks for the Reply,

we are on 2019 and Splunk Universal forwarder is on 8.2.4

gcusello · ‎04-11-2022

Hi @meetbikash,

this means that there isn't any compatibility problem.

Check if there's an antivirus or some other protection system that requiresi a definition of the acceptable processes.

Then which user are you using to run splunk?

Anyway, open a Case to Splunk Support.

Ciao.

Giuseppe

Why one server has splunk service failling and splunk-winevtlog.exe is not starting?

other

splunkd

universal forwarder

Windows

Introducing Splunk Enterprise 9.2

Adoption of RUM and APM at Splunk

Routing logs with Splunk OTel Collector for Kubernetes