×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Dave737
New Member
Member since: ‎05-08-2025
‎11-06-2025
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎05-08-2025
Activity Feed
Topics I've Started
No posts to display.
View All

Re: Universal forwarder version 10 memory leak

by in Splunk Enterprise
‎11-06-2025 08:09 AM
‎11-06-2025 08:09 AM
I upgraded to Splunk Forwarder 10.0.1 yesterday on a PC running Windows10 with 32GB of RAM. The process name is "Monitor windows event log" which is called from "splunk-wineventlog.exe" This process sat consuming over 28GB of RAM!  I reverted back to 9.4.3 which consumes about 150MB of RAM. This seems to affect physical servers, VM's and PC's. Luckily I didn't deploy it to too many machines and it's strange that some are running the update with no memory issues as yet. I have had to revert the forwarder on 3 machines but still testing on half a dozen others.   ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎11-06-2025 07:52 AM