Monitoring Splunk
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

restart_splunkd showing up in audit.log every minute -- I am not restarting Splunk every minute.

the_wolverine
Champion
‎08-05-2013 11:30 AM

I'm seeing the following entry every minute in audit.log:

Audit:[timestamp=08-05-2013 18:10:09.376, user=admin, action=restart_splunkd, info=granted ][n/a]

I know for a fact that splunkd is not getting restarted every minute.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

the_wolverine
Champion
‎08-05-2013 11:32 AM

Per the following answer, this is a bug where the audit handler produces noise: http://splunk-base.splunk.com/answers/8516/auditlog-restart_splunkd

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

the_wolverine
Champion
‎08-05-2013 11:32 AM

Per the following answer, this is a bug where the audit handler produces noise: http://splunk-base.splunk.com/answers/8516/auditlog-restart_splunkd

0 Karma
Reply
Get Updates on the Splunk Community!

The All New Performance Insights for Splunk

Splunk gives you amazing tools to analyze system data and make business-critical decisions, react to issues, ...

Good Sourcetype Naming

When it comes to getting data in, one of the earliest decisions made is what to use as a sourcetype. Often, ...

See your relevant APM services, dashboards, and alerts in one place with the updated ...

As a Splunk Observability user, you have a lot of data you have to manage, prioritize, and troubleshoot on a ...