Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
44 results
Sorted by:
09-29-2017
11:41 AM
I get the following error message when running a search on the search head:
Unable to distribute to peer named :8089 at uri=:8089 using the uri-scheme=https because peer has status="Down". P...
10-06-2021
06:04 AM
...nd after cca 5 minutes the search ends with an error message "Streamed search execute failed because: Error in 'lookup' command: Failed to re-open lookup file: '/srv/app/int/secmon/splunk/var/run/search...
Labels
- Labels:
-
troubleshooting
-
upgrade
04-17-2013
07:59 AM
...ailing.
Looking through the search.log I see messages like
ERROR dispatchRunner - RunDispatch::runDispatchThread threw error: Application does not exist: search
However the application e...
- Tags:
- distributed
09-14-2020
02:27 PM
...tc/auth//distServerKeys/private.pem is never generated on the search head. The search peers, on the other hand, do have both files. Also in splunkd.log, I see messages such as: Distributed...
02-26-2022
02:37 PM
...bsp; ./splunk add search-server <ipaddress>:8089 -auth admin:password -remoteUsername admin -remotePassword password. yet running to the same error message: An error occurred: Error w...
Labels
- Labels:
-
distributed search
02-23-2017
09:15 AM
we are running on Distributed Search Environment, we have two Heavy Forwarders. i'm actually unable to search estreamer logs so i have noticed this in splunkd.log
"Insufficient permissions to r...
10-05-2015
09:25 AM
.....
Deleted the Dash version of local/data/ui/nav/default.xml from the DMC.
DMC is in distributed mode. Nav bar updated.
"D:\Splunk\etc\auth\ca.pem": already a renewed Splunk certificate: skipping r...
01-16-2018
02:55 AM
In my environment SH, indexer 1, indexer 2 exist, and distributed search is done for indexers 1 and 2 from SH.
Yesterday, since data was duplicated in indexers 1 and 2, I give can_delete role to a...
02-26-2014
07:50 AM
1 Karma
I have 2 Splunk instances living on Linux systems that I’ve inherited, and the one Search Head is throwing the following messages;
[subsearch]: [<indexer server name>] Failed to create a b...
06-14-2017
01:13 AM
This is a distributed deployment with a search head cluster and index cluster. The Splunk_TA_Microsoft_Sharepoint addon has been installed on Indexers, Search Heads and a Heavy Forwarder which g...
