Good day,
I am having an issue where all users are randomly and incorrectly logged out (session timeout) while actively using the dashboard.
I noticed that every time this occurs the splunk service has restarted. Every "ps -ef |grep splunk" gives a new timestamp after a session timeout so Splunk is restarting for some reason.
I am also seeing these these logs in splunkd.log (see attached image)
And then there is this but the permissions look correct.
ERROR ExecProcessor - message from "/usr/bin/timeout -s9 10m /opt/ping-scripts/ping_checks.sh -index ping-check" /usr/bin/timeout: failed to run command ‘/opt/ping-scripts/ping_checks.sh’: Permission denied
I have also set the following
web.conf
tools.sessions.timeout = 100000
ui_inactivity_timeout = 100000
server.conf
sessionTimeout = 4h
I also ran “sudo /opt/splunk/bin/splunk btool check –debug” to check for conf file syntax errors and corrected them all. Splunk does not give any errors when starting up.
Thank you kindly!
Hi @Koman,
the only hint in this situation is to open a new case to Splunk Support.
If your server is a production server they intervene very quickly.
Ciao.
Giuseppe