Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Seeing recurring error "Timeliner - Failed to rm dir" even though permissions are correct...

tmeader
Contributor
‎03-30-2011 04:37 AM

We've been seeing the same error as originally mentioned in this older question:

http://answers.splunk.com/questions/11607/4-1-7-upgrade-from-4-1-4-new-error-message-failed-to-rm-di...

Haven't seen any further insight from anyone at Splunk on this, was just wondering if any conclusion was ever reached as to the cause of this error. To be specific, we're seeing lines like the following after nearly every search that's executed (note: the searched finish fine in the interface, and, at least in the web gui, everything seems normal):

03-29-2011 22:26:44.014 ERROR Timeliner - Failed to rm dir /opt/splunk/var/run/splunk/dispatch/searchparsetmp_607175023/buckets: No such file or directory

Going by the advice in the aforementioned question, we've confirmed that all necessary ownership and permissions are set properly all the way through to (and including) the "dispatch" directory. Likewise, the directories mentioned in these messages are being removed properly after the searches finish their natural lifespan. I'm not sure what's causing the generation of these errors from the "Timeliner". It's as if it isn't aware that the searches are completing properly, and is trying to cleanup the directories after the fact.

Any insight or suggestions on further debugging this would be greatly appreciated.

Reply
1 Solution
Solved! Jump to solution
Solution

yannK
Splunk Employee
Splunk Employee
‎03-31-2011 02:03 AM

Please disregards this Error message, it's not a relevant one.

This is a know bug "SPL-38078" and "SPL-35722", and will be fixed in next releases (4.1.8).

View solution in original post

Reply
Solved! Jump to solution
Solution

yannK
Splunk Employee
Splunk Employee
‎03-31-2011 02:03 AM

Please disregards this Error message, it's not a relevant one.

This is a know bug "SPL-38078" and "SPL-35722", and will be fixed in next releases (4.1.8).

Reply
Solved! Jump to solution

fox
Path Finder
‎03-30-2011 12:52 PM

are you on Windows?

We have found some permissioning issues with Windows installations and have manually changed permissions on all sub directories and files...

0 Karma
Reply
Solved! Jump to solution

tmeader
Contributor
‎03-30-2011 01:20 PM

Nope, this is CentOS 5.5 x64. We've checked all file/directory ownership and permissions though... it's definitely not that. The fact of the matter is, the directories do not exist (were already removed) yet Splunk keeps trying to after the fact for some reason.

0 Karma
Reply
Get Updates on the Splunk Community!

How to Monitor Google Kubernetes Engine (GKE)

We’ve looked at how to integrate Kubernetes environments with Splunk Observability Cloud, but what about ...

Index This | How can you make 45 using only 4?

October 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Splunk Education Goes to Washington | Splunk GovSummit 2024

If you’re in the Washington, D.C. area, this is your opportunity to take your career and Splunk skills to the ...