cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Marcin
Explorer
Member since: ‎03-12-2010
‎06-05-2020
Community Statistics
Posts 3
Solutions 1
Karma Given 0
Karma Received 2
Member Since ‎03-12-2010
View All

terminate called after throwing an instance of 'Po...

by in Monitoring Splunk
‎10-08-2010 05:17 PM
‎10-08-2010 05:17 PM
I keep getting the following error in crash logs on splunk-3.4.12-69236 64 bit. Anyone has any idea what is causing it? Backtrace: [0x0000003FB5A31BF0] abort + 272 (/lib64/libc.so.6) [0x0000000000BACEE8] ZN9_gnu_cxx27__verbose_terminate_handlerEv + 200 (splunkd) [0x0000000000BA4236] ZN10_cxxabiv111__terminateEPFvvE + 6 (splunkd) [0x0000000000BA4263] ? (splunkd) [0x0000000000BA4363] ? (splunkd) [0x000000000092D1CC] _ZNK18PollableDescriptor11setNonblockEb + 124 (splunkd) [0x00000000009134F6] _ZN8PolledFd9after_addEv + 38 (splunkd) [0x0000000000915CBA] _ZN15PolledFdManager12when_expiredEv + 634 (splunkd) [0x0000000000912975] _ZN9EventLoop30recursiveRunZeroLengthTimeoutsEP7Timeout + 133 (splunkd) [0x00000000009150AB] _ZN9EventLoop3runEv + 491 (splunkd) [0x00000000009473C9] _ZN6Thread8callMainEPv + 41 (splunkd) [0x0000003FB6206307] ? (/lib64/libpthread.so.0) [0x0000003FB5AD1DED] clone + 109 (/lib64/libc.so.6) Linux / sarcastic / 2.6.18-92.1.18.el5 / #1 SMP Wed Nov 12 09:19:49 EST 2008 / x86_64 Last few lines of stderr (may contain info on assertion failure, but also could be old): Ctl-C signal received terminate called after throwing an instance of 'PollableDescriptorException' what(): can't F_GETFL Ctl-C signal received terminate called after throwing an instance of 'PollableDescriptorException' what(): can't F_GETFL /etc/redhat-release: CentOS release 5.2 (Final) glibc version: 2.5 glibc release: stable ... View more

Re: When should I use a FIFO for an input?

by in Monitoring Splunk
‎03-12-2010 10:05 PM
1 Karma
‎03-12-2010 10:05 PM
1 Karma
As long as the writes are less than 4k, usually, the operation is atomic. This allows multiple processes to use the same pipe - /var/log/splunk for example. But this is a "I don't want to write to a file" type scenario. The only other use that I can think if is letting Splunk observe communications between processes that use named pipes, and act on it, like logging xmlrpc calls. I can't think of downsides - reads are blocking, you can't seek, the data can get lost if not cached on disk before it's read from the pipe. ACLs are limited to what the file system provides, but all those are only a limit if the pipes were to pretend to be files. ... View more

Re: How do I increase the limit on events returned...

by in Splunk Search
‎03-12-2010 08:45 PM
1 Karma
‎03-12-2010 08:45 PM
1 Karma
I think what you are looking for is "-maxout NUM", which changes the limit of returned results from 100 to NUM. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:02 AM
Karma from
View All