Monitoring Splunk
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

KV Store Fails about once a week

AJSCSA
Loves-to-Learn Lots
‎12-04-2020 10:38 AM

Roughly once a week, I'm getting the following errors on my single instance Splunk deployment.

 

KV Store changed status to failed. KVStore process terminated..
12/3/2020, 11:53:25 AM


KV Store process terminated abnormally (exit code 14, status exited with code 14). See mongod.log and splunkd.log for details.
12/3/2020, 11:53:25 AM

 

Now, I can fix the issue, by stopping Splunk, renaming the mongod folder and restarting Splunk but I want to know why I'm getting the errors and how to prevent them in the first place.  Any help or assistance would be greatly appreciated.

Labels (1)
Labels
0 Karma
Reply

nwuest
Path Finder
‎12-05-2020 11:22 PM

Hi @AJSCSA,

These alerts you have referenced in your post, is this the "alert" that pops up when you log into the Webpage?

Can you provide some output as to what the following log shows with lines that pertain to KVStore?

On Linux:
# tail -f /opt/splunk/var/log/splunk/mongod.log

On Windows:
# type /opt/splunk/var/log/splunk/mongod.log
OR
# Get-Content /opt/splunk/var/log/splunk/mongod.log -wait

Do let us know what the results yield!

V/R,
nwuest

0 Karma
Reply
Get Updates on the Splunk Community!

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

The Transformative Power of AI and ML in Enhancing Observability   In the realm of IT operations, the ...

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...