Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to undo a mistake made while trying to create an index and the CLI?

OgoSplunk
Path Finder
‎12-11-2022 03:56 PM

Hi,

I've been learning Splunk on my free time and at the part of my lesson that is teaching me how to add a splunk index via the CLI. I think I made a mistake with either the stanza or the key values can someone possibly help me out with this one?

 

Splunk> 4TW

Checking prerequisites...
Checking http port [8000]: open
Checking mgmt port [8089]: open
Checking appserver port [127.0.0.1:8065]: open
Checking kvstore port [8191]: open
Checking configuration... Done.
Checking critical directories... Done
Checking indexes...
Problem parsing indexes.conf: Cannot load IndexConfig: stanza=security Required parameter=homePath not configured
Validating databases (splunkd validatedb) failed with code '1'. If you cannot resolve the issue(s) above after consulting documentation, please file a case online at http://www.splunk.com/page/submit_issue
$

 

Labels (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

richgalloway
SplunkTrust
SplunkTrust
‎12-11-2022 05:20 PM

Fix it by editing the $SPLUNK_HOME/etc/system/local/indexes.conf file using your favorite text editor.  The [security] stanza should be near the bottom.  Add the homePath setting and make sure other required settings are present as well.  Save the file then run

splunk btool check

to verify all is well.  If no errors are returned then you should be able to start Splunk successfully.

 

---
If this reply helps you, Karma would be appreciated.

View solution in original post

Reply
Solved! Jump to solution
Solution

richgalloway
SplunkTrust
SplunkTrust
‎12-11-2022 05:20 PM

Fix it by editing the $SPLUNK_HOME/etc/system/local/indexes.conf file using your favorite text editor.  The [security] stanza should be near the bottom.  Add the homePath setting and make sure other required settings are present as well.  Save the file then run

splunk btool check

to verify all is well.  If no errors are returned then you should be able to start Splunk successfully.

 

---
If this reply helps you, Karma would be appreciated.
Reply
Solved! Jump to solution

OgoSplunk
Path Finder
‎12-12-2022 07:28 AM

Thanks for the help I'll try this out next time. I ended up just reinstalling splunk out of frustration right before you responded. I'll pass you karma for the efforts. 

0 Karma
Reply
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...