Re: "Could not find item" errors on Exchange host ...

mikelanghorst · ‎12-13-2012

I'm seeing a large number of the following errors on my exchange server's Splunk log that has the Exchange application installed:

Get-ChildItem : Could not find item P:\Mailbox Database 4\E070026BF04.log.
At C:\Program Files\SplunkUniversalForwarder\etc\apps\TA-Exchange-2010-MailboxStore\bin\powershell\get-databasestats.ps1:84 char:23 + $LogFiles = (DIR <<<< "$($Database.LogFolderPath)*.log")
+ CategoryInfo : ObjectNotFound: (P:\Mailbox Database 4\E070026BF04.log:String) [Get-ChildItem], IOException + FullyQualifiedErrorId : ItemNotFound,Microsoft.PowerShell.Commands.GetChildItemCommand

Seems like a lesser issue with likely the log rolling before this can run? Is this something to be concerned about?

mikelanghorst · ‎12-13-2012

Correlating the time these messages occurred, there was an issue on the Exchange host, and the admins were moving these files off as the filesystem was filling up quickly.

Asked on Splunk, when I should've asked the Exchange admins first.

mikelanghorst · ‎12-13-2012

Adrian responded back pointing out that I was likely running as local system, which would not have access to P:. I'll have the windows admins reconfigure it to run as a domain user and try again.

"Could not find item" errors on Exchange host running app

.conf24 | Day 0

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

Troubleshooting the OpenTelemetry Collector