Monitoring Splunk
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to resolve universalforwarder 8.1.3 aix 7.1, 7.2 software program error log?

haruban36
Explorer
‎04-04-2023 11:23 PM

Splunk Enterprise 8.1.3
I installed splunkforwarder-8.1.3-63079c59e632-AIX-powerpc.

The error message comes from AIX os.

When entering the "errpt" command, the following error message is displayed.

Check the messages below for further confirmation.


=====================================================================

LABEL: SRC_TRYX
IDENTIFIER: 1BA7DF4E

Date/Time: Wed Apr 5 05:00:32 KORST 2023
Sequence Number: 3589
Machine Id: 00CEC3474C00
Node Id: mgl888
Class: S
Type: PERM
WPAR: Global
Resource Name: SRC

Description
SOFTWARE PROGRAM ERROR

Probable Causes
APPLICATION PROGRAM

Failure Causes
SOFTWARE PROGRAM

Recommended Actions
DETERMINE WHY SUBSYSTEM CANNOT RESTART

Detail Data
SYMPTOM CODE
2048
SOFTWARE ERROR CODE
-9020
ERROR CODE
0
DETECTING MODULE
'srchevn.c'@line:'369'
FAILING MODULE
splunkd

Labels (3)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

gcusello
Esteemed Legend
‎04-04-2023 11:31 PM

Hi @haruban36,

all the times I hsd to install Splunk UF on AIX I encountered problems.

The only way is to open a case to Splunk Support.

In the meantime, what is your AIX version?

Ciao.

Giuseppe

View solution in original post

Reply
Solved! Jump to solution

haruban36
Explorer
‎04-05-2023 12:54 AM

Hi @gcusello!
Aix version is 7.1

excuse me, I have one more question.
server where the message originated There was also a problem with UF disconnection.
So I restarted it, but the problem occurred again.
Should I open a case on this issue as well?

the following error log is displayed.

Check the logs below for further confirmation.



thank you very much for your response!

========================================================================
03-29-2023 05:00:29.097 +0900 INFO WatchedFile - Will begin reading at offset=13491182 for file='/LOG/tux/CLOG.032923'.
03-29-2023 05:00:29.250 +0900 ERROR ProcessRunner - child's last words: cannot find portable_pid_t 9372426 in _pidToUniqMap
03-29-2023 05:00:29.252 +0900 FATAL ProcessRunner - Unexpected EOF from process runner child!
03-29-2023 05:00:29.299 +0900 ERROR ProcessRunner - helper process seems to have died (child exited with code 255)!
03-29-2023 05:00:29.299 +0900 ERROR ExecProcessor - Exception attempting to setup event loop
03-29-2023 05:00:29.299 +0900 ERROR ExecProcessor - child's last words: cannot find portable_pid_t 9372426 in _pidToUniqMap

0 Karma
Reply
Solved! Jump to solution

gcusello
Esteemed Legend
‎04-05-2023 12:58 AM

Hi @haruban36,

the main problem I encountered on AIX was during Splunk shoutdown that remained freezed and I had to manually kill the process.

i opened a case to Splunk support for this.

Ciao.

Giuseppe

Reply
Solved! Jump to solution
Solution

gcusello
Esteemed Legend
‎04-04-2023 11:31 PM

Hi @haruban36,

all the times I hsd to install Splunk UF on AIX I encountered problems.

The only way is to open a case to Splunk Support.

In the meantime, what is your AIX version?

Ciao.

Giuseppe

Reply
Get Updates on the Splunk Community!

Build Scalable Security While Moving to Cloud - Guide From Clayton Homes

 Clayton Homes faced the increased challenge of strengthening their security posture as they went through ...

Mission Control | Explore the latest release of Splunk Mission Control (2.3)

We’re happy to announce the release of Mission Control 2.3 which includes several new and exciting features ...

Cloud Platform | Migrating your Splunk Cloud deployment to Python 3.7

Python 2.7, the last release of Python 2, reached End of Life back on January 1, 2020. As part of our larger ...