×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
linkwhit
Engager
Member since: ‎07-19-2019
‎06-05-2020
Community Statistics
Posts 1
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎07-19-2019
Activity Feed
Topics I've Started
No posts to display.
View All

Re: Splunk is generating filenames that exceed 255...

by in Knowledge Management
‎07-19-2019 06:26 AM
‎07-19-2019 06:26 AM
This impacts search head snapshots which fail with too long path names. Then if a shcluster member falls out of sync far enough where only a resync can recover, old snapshots will be invoked wiping out changes to the cluster since the last snapshot. Don't resync to recover an unhealthy member until you check /var/run/snapshot and ensure you have current bundles on at least the captain. There's close to zero documentation about snapshots and how they work other than a little note in release notes and snapshots failing due to long pathnames. We of course will add to look for the errors regarding long pathnames and snapshots failing in splunkd.log in our monitoring solution, but pop up errors/messages in the gui, like we get for other cluster problems would have really helped here. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma given to
View All