Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Splunk Enterprise
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Splunk Answers
- :
- Splunk Platform Products
- :
- Splunk Enterprise
- :
- Why is Docker Universal Forwarder Docker Image stu...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Why is Docker Universal Forwarder Docker Image stuck trying to update itself?
crane_joke
Engager
02-22-2023
04:28 AM
Hello Splunk Community,
I followed different guides and docs for trying to install the Docker universal forwarder but none of them worked. When I try to execute the splunk binary the splunk in the container appears trying to update itself and stucks:
I ran the image with this docker-compose.yml:
version: '3.5'
networks:
splunk:
name: splunk-test
services:
# Splunk Universal Forwarder:
splunk-forwarder:
container_name: uf1
image: splunk/universalforwarder:latest
restart: always
ports:
- "9997:9997"
volumes:
- ./splunkforwarder-etc:/opt/splunkforwarder-etc
- ./SPLUNK_HOME_DIR:/opt/splunkforwarder
environment:
- SPLUNK_START_ARGS=--accept-license
- SPLUNK_PASSWORD=lwetem21
- SPLUNK_STANDALONE_URL=https://<MY Splunk Enterprise DNS Name>:8000
networks:
- splunk
It stops with this output:
[splunk@8de54aed8c1f splunkforwarder]$ pwd
/opt/splunkforwarder
[splunk@8de54aed8c1f bin]$ ./splunk add forward-server idx1.mycompany.com:9997
Warning: Attempting to revert the SPLUNK_HOME ownership
Warning: Executing "chown -R splunk /opt/splunkforwarder"
Error calling execve(): No such file or directory
Error launching command: No such file or directory
execvp: No such file or directory
Do you agree with this license? [y/n]: y
This appears to be an upgrade of Splunk.
--------------------------------------------------------------------------------)
Splunk has detected an older version of Splunk installed on this machine. To
finish upgrading to the new version, Splunk's installer will automatically
update and alter your current configuration files. Deprecated configuration
files will be renamed with a .deprecated extension.
You can choose to preview the changes that will be made to your configuration
files before proceeding with the migration and upgrade:
If you want to migrate and upgrade without previewing the changes that will be
made to your existing configuration files, choose 'y'.
If you want to see what changes will be made before you proceed with the
upgrade, choose 'n'.
Perform migration and upgrade without previewing configuration changes? [y/n] y
-- Migration information is being logged to '/opt/splunkforwarder/var/log/splunk/migration.log.2023-02-22.10-57-49' --
Migrating to:
VERSION=9.0.4
BUILD=de405f4a7979
PRODUCT=splunk
PLATFORM=Linux-x86_64
Error calling execve(): No such file or directory
Error launching command: Invalid argument
The mentioned log btw is an empty file.
I pulled the latest image from:
What am I doing wrong or there better guides to follow than the links that I have already provided.
With kind regards, CJ
Get Updates on the Splunk Community!
Index This | I’m short for "configuration file.” What am I?
May 2024 Edition
Hayyy Splunk Education Enthusiasts and the Eternally Curious!
We’re back with a Special ...
New Articles from Academic Learning Partners, Help Expand Lantern’s Use Case Library, ...
Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...
Your Guide to SPL2 at .conf24!
So, you’re headed to .conf24? You’re in for a good time. Las Vegas weather is just *chef’s kiss* beautiful in ...
