Machine agent log shows error as below. We have restarted the machine agent and the issue still persists. Can someone help in fixing this? [system-thread-0] 07 Mar 2022 00:20:17,926 INFO SimAgentRepetitiveLoggingModule - The turnover time for the SIM agent repetitive logger is 5 minutes [system-thread-0] 07 Mar 2022 00:20:17,926 INFO SimAgentRepetitiveLoggingModule - The cache size for the SIM agent repetitive logger is 1000 [system-thread-0] 07 Mar 2022 00:20:17,926 INFO SystemAgent - #################################################################################### [system-thread-0] 07 Mar 2022 00:20:17,926 INFO SystemAgent - Agent Install Directory [C:\Program Files\AppDynamics\AppD_Infra_Monitoring] [system-thread-0] 07 Mar 2022 00:20:17,926 INFO SystemAgent - Using Agent Version [Machine Agent v4.4.3.1214 GA Build Date 2018-04-28 05:12:10] [system-thread-0] 07 Mar 2022 00:20:17,926 INFO SystemAgent - JVM Runtime: java.home=c:\program files\appdynamics\appd_infra_monitoring\jre java.vm.vendor=Oracle Corporation java.vm.name=Java HotSpot(TM) 64-Bit Server VM java.runtime.version=1.8.0_111-b14 java.io.tmpdir=C:\Windows\TEMP\ user.language=en user.country=US user.variant= Default locale=en_US [system-thread-0] 07 Mar 2022 00:20:17,926 INFO SystemAgent - OS Runtime: os.name=Windows Server 2012 os.arch=amd64 os.version=6.2 user.name=<servername is removed>$ user.home=C:\Windows\system32\config\systemprofile user.dir=C:\Program Files\AppDynamics\AppD_Infra_Monitoring\bin [system-thread-0] 07 Mar 2022 00:20:17,926 INFO SystemAgent - JVM Args : -Dexe4j.semaphoreName=Local\c:_program_files_appdynamics_appd_infra_monitoring_bin_machineagentservice.exe0 | -Dexe4j.isService=true | -Dexe4j.moduleName=C:\Program Files\AppDynamics\AppD_Infra_Monitoring\bin\MachineAgentService.exe | -Dexe4j.tempDir=C:\Windows\TEMP\e4j9F57.tmp_dir1646630412 | -Dexe4j.unextractedPosition=316127 | -Djava.library.path=D:\apps_srv\webagent\win32\bin;D:\apps_srv\webagent\win64\bin;D:\apps_srv\webagent\win64\install_config_info\lib;D:\apps_srv\webagent\win64\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\IBM\ITM\InstallITM;;C:\Program Files\BMCperform\Patrol3\BEST1\11.5.00\bgs\bin;C:\Windows;C:\Windows\system32;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\IBM\ITM\bin;C:\IBM\ITM\TMAITM6;C:\Program Files\PKWARE\pkzipc;C:\Program Files\NCache\bin\tools;;c:\program files\appdynamics\appd_infra_monitoring\jre\bin | -Dexe4j.consoleCodepage=cp0 | -Dlog4j.configuration=file:..\conf\logging\log4j.xml | -XX:-CreateMinidumpOnCrash | -Xrs | [system-thread-0] 07 Mar 2022 00:20:17,926 INFO SystemAgent - Machine Agent is resolving bootstrap info.... [system-thread-0] 07 Mar 2022 00:20:17,942 INFO SystemAgent - Orchestration is disabled - disabling virtualization resolvers by default. [system-thread-0] 07 Mar 2022 00:20:17,942 INFO SystemAgent - Full Agent Registration Info Resolver found system property [appdynamics.agent.create.agent.info.if.missing] for appdynamics.agent.create.agent.info.if.missing [false] [system-thread-0] 07 Mar 2022 00:20:17,942 INFO SystemAgent - Default Host Identifier Resolver using host name for unique host identifier [<servername is removed>] [system-thread-0] 07 Mar 2022 00:20:18,445 INFO SystemAgent - Default IP Address Resolver found IP addresses [[169.171.32.81, 169.254.128.132]] [system-thread-0] 07 Mar 2022 00:20:18,445 INFO SystemAgent - Full Agent Registration Info Resolver using selfService [false] [system-thread-0] 07 Mar 2022 00:20:18,445 INFO SystemAgent - Full Agent Registration Info Resolver using application name [null] [system-thread-0] 07 Mar 2022 00:20:18,445 INFO SystemAgent - Full Agent Registration Info Resolver using tier name [null] [system-thread-0] 07 Mar 2022 00:20:18,445 INFO SystemAgent - Full Agent Registration Info Resolver using node name [null] [system-thread-0] 07 Mar 2022 00:20:18,445 INFO SystemAgent - XML Controller Info Resolver found controller host [appdync-nam-icg-p1.wlb2.nam.nsroot.net] [system-thread-0] 07 Mar 2022 00:20:18,445 INFO SystemAgent - XML Controller Info Resolver found controller port [8181] [system-thread-0] 07 Mar 2022 00:20:18,445 INFO SystemAgent - XML Agent Account Info Resolver using account name [customer1] [system-thread-0] 07 Mar 2022 00:20:18,445 INFO SystemAgent - XML Agent Account Info Resolver using account access key [****] [system-thread-0] 07 Mar 2022 00:20:18,523 WARN FrameworkBootstrap - Failed to start framework com.google.inject.CreationException: Unable to create injector, see the following errors: 1) Error injecting constructor, java.lang.NoClassDefFoundError: org/apache/commons/fileupload/FileUploadException at com.singularity.ee.agent.systemagent.SystemAgent.<init>(SystemAgent.java:50) at com.appdynamics.agent.sim.legacy.LegacyAgentModule.configure(LegacyAgentModule.java:59) while locating com.singularity.ee.agent.systemagent.SystemAgent Caused by: java.lang.NoClassDefFoundError: org/apache/commons/fileupload/FileUploadException at com.singularity.ee.agent.systemagent.Agent.setupHttpClientWrapper(Agent.java:265) at com.singularity.ee.agent.systemagent.Agent.<init>(Agent.java:248) at com.singularity.ee.agent.systemagent.SystemAgent.<init>(SystemAgent.java:42) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:423) at com.google.inject.internal.DefaultConstructionProxyFactory$2.newInstance(DefaultConstructionProxyFactory.java:86) at com.google.inject.internal.ConstructorInjector.provision(ConstructorInjector.java:105) at com.google.inject.internal.ConstructorInjector.construct(ConstructorInjector.java:85) at com.google.inject.internal.ConstructorBindingImpl$Factory.get(ConstructorBindingImpl.java:267) at com.google.inject.internal.ProviderToInternalFactoryAdapter$1.call(ProviderToInternalFactoryAdapter.java:46) at com.google.inject.internal.InjectorImpl.callInContext(InjectorImpl.java:1103) at com.google.inject.internal.ProviderToInternalFactoryAdapter.get(ProviderToInternalFactoryAdapter.java:40) at com.google.inject.internal.SingletonScope$1.get(SingletonScope.java:145) at com.google.inject.internal.InternalFactoryToProviderAdapter.get(InternalFactoryToProviderAdapter.java:41) at com.google.inject.internal.InternalInjectorCreator$1.call(InternalInjectorCreator.java:205) at com.google.inject.internal.InternalInjectorCreator$1.call(InternalInjectorCreator.java:199) at com.google.inject.internal.InjectorImpl.callInContext(InjectorImpl.java:1092) at com.google.inject.internal.InternalInjectorCreator.loadEagerSingletons(InternalInjectorCreator.java:199) at com.google.inject.internal.InternalInjectorCreator.injectDynamically(InternalInjectorCreator.java:180) at com.google.inject.internal.InternalInjectorCreator.build(InternalInjectorCreator.java:110) at com.google.inject.internal.InjectorImpl.createChildInjector(InjectorImpl.java:226) at com.appdynamics.voltron.FrameworkBootstrap.createInjector(FrameworkBootstrap.java:105) at com.appdynamics.voltron.FrameworkBootstrap.start(FrameworkBootstrap.java:162) at com.appdynamics.agent.sim.main.SecondStageSystem.start(SecondStageSystem.java:175) at com.appdynamics.agent.sim.main.SecondStageSystem.loadFeatures(SecondStageSystem.java:128) at com.appdynamics.agent.sim.main.SecondStageSystem.access$000(SecondStageSystem.java:48) at com.appdynamics.agent.sim.main.SecondStageSystem$1.run(SecondStageSystem.java:115) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: java.lang.ClassNotFoundException: org.apache.commons.fileupload.FileUploadException at java.net.URLClassLoader.findClass(URLClassLoader.java:381) at java.lang.ClassLoader.loadClass(ClassLoader.java:424) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:331) at java.lang.ClassLoader.loadClass(ClassLoader.java:357) ... 36 more

  I have following splunk fields Date,Group,State State can have following values InProgress|Declined|Submitted I like to get following result Date. Group. TotalInProgress. TotalDeclined TotalSubmitted. Total ----------------------------------------------------------------------------- 12-12-2021 A. 13. 10 15 38 I couldn't figured it out. Any help would be appreciated

Hi have a results from my mail index say log look like below sender=abc recipient=xyz@sample.com,ghi@nonsample.com country=abc sender=def recipient=team@nonsample.com country=xyz sender=gfh recipient=tip@nonsample.com country=efg sender=abc recipient=none@sample.com,sample@nonsample.com country=pqr I want to shows in a table only the non comma separated recipients only (as highlighted in bold where there are no multiple recipients)   can some one help me on this  

Can we suppress the trigger actions of the alert at its first trigger and then on the next time when the alert triggers it should do the trigger actions.... Please assist if this can be doable and how to configure it to achieve this.   Thanks a ton !

As the title suggests, I want to index data from Splunk user email account's inbox folder. Splunk version - 8.2.4 Have already checked out TA-mailclient and IMAP Mailbox addons but none of them work and are unsupported In the first add-on, no matter how many times I change the attribute disabled to 0 in inputs.conf, it goes back to 1 after a restart. In the second addon, after using the troubleshooting command, I get the following error   File "/opt/splunk/etc/apps/IMAPmailbox/bin/get_imap_email.py", line 104 self.port = 993 ^ TabError: inconsistent use of tabs and spaces in indentation     Hence, can someone please advise how best to achieve this ?

I am using 2 lookup tables to correlate and combine data to create a new .csv. In this process, I have a field that has numerical values in it that i want to sum based on the values of another field.  The raw data looks something like this: stage,resource,hours x,rick,1 x,rick,10 x,dave,1 y,rick,5 y,dave,3 y,dave,8   I want the output to look like: x,rick,11 x,dave,1 y,rick,5 y,dave,11   Below is the search I have, it almost works but it does not sum the totals for rick and dave individually, it sums them all, so the output looks like: x,rick,12 x,dave,12 y,rick,16 y,dave,16   |inputlookup mod_master |lookup lookuptable1 Engagement OUTPUTNEW ResourceLastName,RegularHours | eval Resource=mvdedup(ResourceLastName) | mvexpand Resource | eval Hours=sum(RegularHours) | fillnull value=0 Hours | table Stage,Resource,Hours     How can i change the logic in this search so I get the correct individual sums for Rick and Dave and not the combined total for each? Thank you in advance!  

Hello everyone, when I imported the entities, the operating system family value was mapped to 'Entity Type'. I'm currently setting up a couple services, one for Linux and another for Windows. In the Entity Rules builder, I can't find a way to include a condition 'Entity Type matches Windows Server'. Is it really so? (bit suprised). It seems to me I'll have to re-import the entities (using the update option) with an extra field for OS Family and set it as informational field. Any hints or tips are welcome! Thanks!

I am using timewrap to get the info for last 3 weeks and show data correspondly for 3 week with 3 different pie chart(when i activate the trellis layout). Although the data are correct it shows the chart where the dates are  incorrect like they are showing the dates for current week for others previous week and last 2 weeks. How would i make it show each date data in 3 pie chart with 7 days data information.   index=mysearch earliest=-21d@d latest=@d | timechart count span=1d | timewrap w 

hi, i am a bit lost, i am trying to extract some % values of specific parameters. but with no luck example i want to extract the anti-virus value of 12%   this is my command | rex field=_raw "Anti-Spam\s*<(?<cpu>.*)>" Gauges: Current System RAM Utilization 65% Overall CPU load average 43% CPU Utilization MGA 20% Anti-Virus 12% Reporting 0% Quarantine 0%

Hi, after a Windows system crash of the raid controller, I only get empty reports.  I moved the installation to a VM and everything looked good... But: empty dashboard reports! Getting data from the windows eventlogs into splunk still works, but most entries have this problem: Message=Splunk could not get the description for this event. Either the component that raises this event is not installed on your local computer or the installation is corrupt. FormatMessage error... I checked wecutil gs and I found, it was set to "rendered text" for both of my subscriptions. I've set it back to "events" but still no luck. Restart of the service: not luck. I'm running SPLUNK Enterprise 8.2.5 on Windows Server 2016. Any hints are highly appreciated! Best, EL

Hi I have a query based on response times from a  service. index=homebanking "/soa/mcoi-rc-services/ContractService" Time="*" | rex field=_raw "\/(?<time>[^_\/]+)[\w\.]+($|\s)" | stats count by Time | fields - count I get these results......   I'd like to now create a graph of these results showing a graduation or reduction of the response times. Can someone help? Best, Sheldon.        

Hi  All, I am going to work on a multisite architecture (3-sites) where we are keeping 6 indexers in a cluster (2 in each sites) ,and 6 SHs in a cluster (2 in each sites) , 3 SHs in another cluster (1 in each site) for reporting .  1 Indexer cluster 2 SHs clusters i wanted to understand what will be the best site search factor & site replication factor for a 3-sites multisite clustering . Any suggestion will be appreciated .  Thanks , Sushree