Installation

unable to enable boot-start in splunk forwarder on Centos

Gopinath
Loves-to-Learn

We can install Splunk forwarder through ansible tower while executing enable at boot-start we are facing the same error.

OS- CentOS Linux release 7.8.2003 (Core)

 UF - Linux version 7.2.3

command using : /app/splunk/splunkforwarder/bin/./splunk enable boot-start -user awsadmin

Error:

---------------------------------------------------------------------------

execve: No such file or directory

while running command /sbin/chkconfig

---------------------------------------------------------------------

I tried as root user as well, but still facing the error. I tried all answers from splunk community but nothing worked for me.

 

Please help, why is this issue coming at all? How to resolve it?

 

 

 

 

Labels (4)
0 Karma

harsha
Loves-to-Learn Lots

Hello Gopinath,

 

Did you got this resolved?. I am also having this issue for RHEL6 only.,  please help

0 Karma

thambisetty
SplunkTrust
SplunkTrust

First try running below modified command line:

/app/splunk/splunkforwarder/bin/splunk enable boot-start -user awsadmin
Whats version of forwarder? 
is service managed by systemctl or init.d service?

————————————
If this helps, give a like below.
Tags (1)
0 Karma

Gopinath
Loves-to-Learn

The service is managed by init.d script

The version of UF is 7.2.3

After running this command only I am getting this issue.

/app/splunk/splunkforwarder/bin/splunk enable boot-start -user awsadmin

0 Karma
Get Updates on the Splunk Community!

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...

Industry Solutions for Supply Chain and OT, Amazon Use Cases, Plus More New Articles ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Enterprise Security Content Update (ESCU) | New Releases

In November, the Splunk Threat Research Team had one release of new security content via the Enterprise ...