About Strype

david_pinon · ‎04-02-2015

This didn't work for me either and I also receive: Error 1067: The process terminated unexpectedly.

camillak · ‎08-14-2019

Has this been fixed? I am still encountering this on 7.2.5

krish3 · ‎03-10-2014

Are you binding proxy IP and port to splunk instance?

daniel_splunk · ‎04-19-2013

If you want both search head to use the common set of knowledge bundle, you need to configure Search head pooling.

u07t04 · ‎08-01-2013

Did this worked for you? Please let me know.Thanks!

christian_l · ‎04-10-2013

Problem solved! I found some " in the lookup file. Looks like the splunk lookup gets in trouble if only one " is appearing per lookup-file line. It results in strange behaviour as described above. The lines between a first single-" and the next " getting an null content. After letting sed delete all the " in the file, the lookup works fine! As I use a script to fill the lookup files it was easy to add the following sed command: sed -i 's/"//g' $LOOKUP_FILE Now every future lookup-file should be compatible.

Posts	17
Solutions	1
Karma Given	3
Karma Received	3
Member Since	‎07-21-2011

Online Status	Offline
Date Last Visited	‎06-05-2020 02:03 AM

Windows could not start the Splunkd (or SplunkForw...

500 Internal Server Error

Single Indexer with 2 different Search Heads?

Knowledge Bundle Cache?

Re: Windows could not start the Splunkd (or Splunk...

Re: ERROR WIth ProcessDispatchedSearch - PROCESS_S...

Re: 500 Internal Server Error

Re: Single Indexer with 2 different Search Heads?

Re: Knowledge Bundle Cache?

Re: Missing values from lookup-files