Large number of errors processing data from forwar...

nurtdi · ‎04-13-2011

The data is being indexed, but a lot of errors in splunkd.log

this is a snippet of log after running splunk indexer in debug mode:

04-13-2011 15:54:08.135 ERROR TcpInputProc - Error encountered for connection from src=xxx.xxx.xxx.xxx:2744. Success
04-13-2011 15:54:08.135 DEBUG StatusMgr - Updating status for TcpInputProcessor
04-13-2011 15:54:08.135 INFO  StatusMgr - destPort=9992, eventType=connect_close, sourceHost=xxx.xxx.xxx.xxx, sourceIp=xxx.xxx.xxx.xxx, sourcePort=2744, statusee=                    TcpInputProcessor
04-13-2011 15:54:08.135 ERROR TcpInputProc - Error encountered for connection from src=xxx.xxx.xxx.xxx:3473. Success
04-13-2011 15:54:08.135 DEBUG StatusMgr - Updating status for TcpInputProcessor
04-13-2011 15:54:08.135 INFO  StatusMgr - destPort=9992, eventType=connect_close, sourceHost=xxx.xxx.xxx.xxx, sourceIp=xxx.xxx.xxx.xxx, sourcePort=3473, statusee=                    TcpInputProcessor
04-13-2011 15:54:08.342 DEBUG StatusMgr - Updating status for TcpInputProcessor
04-13-2011 15:54:08.342 INFO  StatusMgr - destPort=9997, eventType=connect_close, sourceHost=xxx.xxx.xxx.xxx, sourceIp=xxx.xxx.xxx.xxx, sourcePort=61588, statusee=T                    cpInputProcessor
04-13-2011 15:54:08.399 DEBUG StatusMgr - Updating status for TcpInputProcessor
04-13-2011 15:54:08.553 ERROR TcpInputProc - Error encountered for connection from src=xxx.xxx.xxx.xxx:2575. Success
04-13-2011 15:54:08.553 DEBUG StatusMgr - Updating status for TcpInputProcessor
04-13-2011 15:54:08.553 INFO  StatusMgr - destPort=9992, eventType=connect_close, sourceHost=xxx.xxx.xxx.xxx, sourceIp=xxx.xxx.xxx.xxx, sourcePort=2575, statusee=                    TcpInputProcessor

Thank you, Ildus

jkerai · ‎04-17-2011

Unfortunately this is a bug and we are trying to identify root cause.

Jeremiah · ‎05-04-2011

Any update?

Large number of errors processing data from forwarders over SSL

[Puzzles] Solve, Learn, Repeat: Unmerging HTML Tables

Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...

AI for AppInspect

Join the Conversation

Large number of errors processing data from forwarders over SSL

[Puzzles] Solve, Learn, Repeat: Unmerging HTML Tables

Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...

AI for AppInspect