This is a 3 year-old question. You should, really, if you want to garner a new answer, open a new question.
That is largely irrelevant, though. As it is all of my previous responses stand. There's nothing new or different about your problem that isn't already addressed above. The file-system in read-only mode, when to have written the PID file it must have previously have been read-write suggests a file-system error was detected by the kernel. You need to check your logs and dmesg buffer for disk and file-system errors and remediate the problem. Until you do, the system is highly suspect and at risk. You may want to consider backing it up before you do, but you're going to need to reboot (with the understanding that if this is the first manifestation of a bigger fault, it may not come back). Read my answers above. This isn't a Splunk problem, it's a fundamental sysadmin problem.
... View more