Solved: Windows could not start the Splunkd (or SplunkForw...

Strype · ‎07-17-2014

This may have already been posted but I couldn't find it and I burnt up about 2-3 hours scratching my head...

After a service restart, if you get the following error message:
"Windows could not start the Splunkd service on Local Computer. Error 2: The system cannot find the file specified."

Answer can be found below. I hope it helps someone save some time.

Strype · ‎07-17-2014

Windows key + r Type regedit HKLM > System > CurrentControlSet > services > Splunkd (or SplunkForwarder) If ImagePath has quotes in it, delete them and start the service.

View solution in original post

Strype · ‎07-17-2014

Windows key + r Type regedit HKLM > System > CurrentControlSet > services > Splunkd (or SplunkForwarder) If ImagePath has quotes in it, delete them and start the service.

david_pinon · ‎04-02-2015

This didn't work for me either and I also receive:

Error 1067: The process terminated unexpectedly.

pparkerntx99 · ‎03-19-2015

The answer did not work when I tried it

kmattern · ‎09-18-2014

What do you do when DoD IA policies flag this as a possible security violation and require the quotes?

Windows could not start the Splunkd (or SplunkForwarder) service on Local Computer...cannot find file specified

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

Monitoring Amazon Elastic Kubernetes Service (EKS)