Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

What could cause splunkd.log to be flooded with "ERROR HttpClientRequest - HTTP client error=Read Timeout while connecting to server"?

jadamsplunk
Path Finder
‎01-30-2018 08:57 AM

Hello,

I recently joined a project at a place with an ES Search head and a few ad-hoc ones. Apparently, there has been a new issue that started a few days before I got here. The ES SH (others are fine) will go unresponsive for web browsing until it is restarted. The web daemon and splunkd are still running. Alerts and searches are still running.

Splunkd is just bombarded with "ERROR HttpClientRequest - HTTP client error=Read Timeout while connecting to server" messages and pretty much nothing else. I'm trying to help them figure out what the issue is, but I've never seen something like this happen.

Any thoughts?

Reply

mrtolu6
Path Finder
‎08-20-2018 09:53 AM

Hi did you find out what caused this error?

Reply

traxxasbreaker
Communicator
‎01-30-2018 12:45 PM

How does the system resource usage on your search heads look? And is there a large number of concurrent searches? You may want to take a look at the "Search Activity: Instance" dashboard in the Monitoring Console to see if there are searches running using a large amount of memory.

0 Karma
Reply

jadamsplunk
Path Finder
‎01-30-2018 12:47 PM

That was my first thought as well, but I can't access anything on the SH when it's like that. Looking at the charts historically for when it happens, though, I don't see any spikes.

0 Karma
Reply

adonio
Ultra Champion
‎01-30-2018 07:18 PM

if the ES search head forwards its data to indexer layer, you supposed to be able to query its status through another search head: index = _internal host=ES_Searhc_Head

0 Karma
Reply
Get Updates on the Splunk Community!

Developer Spotlight with Paul Stout

Welcome to our very first developer spotlight release series where we'll feature some awesome Splunk ...

State of Splunk Careers 2024: Maximizing Career Outcomes and the Continued Value of ...

For the past four years, Splunk has partnered with Enterprise Strategy Group to conduct a survey that gauges ...

Data-Driven Success: Splunk & Financial Services

Splunk streamlines the process of extracting insights from large volumes of data. In this fast-paced world, ...