Large number of errors processing data from forwar...

nurtdi · ‎04-13-2011

The data is being indexed, but a lot of errors in splunkd.log

this is a snippet of log after running splunk indexer in debug mode:

04-13-2011 15:54:08.135 ERROR TcpInputProc - Error encountered for connection from src=xxx.xxx.xxx.xxx:2744. Success
04-13-2011 15:54:08.135 DEBUG StatusMgr - Updating status for TcpInputProcessor
04-13-2011 15:54:08.135 INFO  StatusMgr - destPort=9992, eventType=connect_close, sourceHost=xxx.xxx.xxx.xxx, sourceIp=xxx.xxx.xxx.xxx, sourcePort=2744, statusee=                    TcpInputProcessor
04-13-2011 15:54:08.135 ERROR TcpInputProc - Error encountered for connection from src=xxx.xxx.xxx.xxx:3473. Success
04-13-2011 15:54:08.135 DEBUG StatusMgr - Updating status for TcpInputProcessor
04-13-2011 15:54:08.135 INFO  StatusMgr - destPort=9992, eventType=connect_close, sourceHost=xxx.xxx.xxx.xxx, sourceIp=xxx.xxx.xxx.xxx, sourcePort=3473, statusee=                    TcpInputProcessor
04-13-2011 15:54:08.342 DEBUG StatusMgr - Updating status for TcpInputProcessor
04-13-2011 15:54:08.342 INFO  StatusMgr - destPort=9997, eventType=connect_close, sourceHost=xxx.xxx.xxx.xxx, sourceIp=xxx.xxx.xxx.xxx, sourcePort=61588, statusee=T                    cpInputProcessor
04-13-2011 15:54:08.399 DEBUG StatusMgr - Updating status for TcpInputProcessor
04-13-2011 15:54:08.553 ERROR TcpInputProc - Error encountered for connection from src=xxx.xxx.xxx.xxx:2575. Success
04-13-2011 15:54:08.553 DEBUG StatusMgr - Updating status for TcpInputProcessor
04-13-2011 15:54:08.553 INFO  StatusMgr - destPort=9992, eventType=connect_close, sourceHost=xxx.xxx.xxx.xxx, sourceIp=xxx.xxx.xxx.xxx, sourcePort=2575, statusee=                    TcpInputProcessor

Thank you, Ildus

jkerai · ‎04-17-2011

Unfortunately this is a bug and we are trying to identify root cause.

Jeremiah · ‎05-04-2011

Any update?

Large number of errors processing data from forwarders over SSL

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Accelerating Observability as Code with the Splunk AI Assistant

Join the Conversation

Large number of errors processing data from forwarders over SSL

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Accelerating Observability as Code with the Splunk AI Assistant