This is the first time I'm trying to install splunk universal forwarder (184.108.40.206) on an AIX (7.1) machine. I have no previous experience with AIX, but have installed many on Linux/Unix machines. The issue I seem to get is when I'm done installing, and splunk prompts for a user/password, the entire process hangs after I've input the username. The only way out is to kill the PID or exit the machine.
I have downloaded the tgz file, expanded the tar with: gunzip -c "filename.tar.gz" | tar -xvf, to the /opt folder
Changed ownership with : chown -R splunk:splunk /splunk/splunkforwarder
Switched to splunk user to install : su - splunk
Run on $/SPLUNK_HOME/bin: ./splunk start --accept license
Enter username, and this is where is stops
Any suggestions would be kindly appreciated
Hi @gcusello ,
Thanks for your reply.
I have followed the AIX installation guide as recommended and deleted off all old splunkforwarder files, starting with a fresh installation .
After unzipping the file to opt/splunk/$SPLUNK_HOME,
changing ownership: chown -R splunk:splunk
su - splunk
The process still hangs after running $SPLUNK_HOME/bin/./splunk enable boot-start, right at the beginning when prompting for the splunk administrator username.
It did not even get to the prompt below :
This command invokes the following system commands to register the forwarder in the System Resource Controller (SRC):
mkssys -G splunk -s splunkd -p <path to splunkd> -u <splunk user> -a _internal_exec_splunkd -S -n 2 -f 9
Is there any way for me to check logs for any errors or dump files? I am not able to create a diag file via ./splunk diag as splunk is not yet installed
I tried running netstat to look for any splunkd processes or common ports such as 8000, 8080, 8089, or 9997 to no avail
This AIX machine has the same resources as all other machines so there shouldn't be a resource bottleneck.
splunk universal forwarder (220.127.116.11) on an AIX (7.1) machine,