Created
January 30, 2024 23:09
-
-
Save Amndeep7/9d65c8dedd0739cc82bc682295bcc6f0 to your computer and use it in GitHub Desktop.
Splunk 9.1.2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ docker exec -it -u 0 a0b98db34268 /bin/bash | |
| [root@a0b98db34268 splunk]# cat var/log/splunk/splunkd.log | |
| 01-30-2024 22:23:33.874 +0000 INFO ServerConfig [0 MainThread] - Will generate GUID, as none found on this server. | |
| 01-30-2024 22:23:33.874 +0000 INFO ServerConfig [0 MainThread] - My newly generated GUID is A194E1FA-0225-486F-A281-1AF937B2C5CC | |
| 01-30-2024 22:23:33.875 +0000 INFO ServerConfig [0 MainThread] - My server name is "a0b98db34268". | |
| 01-30-2024 22:23:33.875 +0000 INFO ServerConfig [0 MainThread] - Found no site defined in server.conf | |
| 01-30-2024 22:23:33.875 +0000 INFO ServerConfig [0 MainThread] - My hostname is "a0b98db34268". | |
| 01-30-2024 22:23:33.904 +0000 WARN SSLOptions [0 MainThread] - server.conf/[sslConfig]/sslVerifyServerCert is false disabling certificate validation; must be set to "true" for increased security | |
| 01-30-2024 22:23:33.924 +0000 INFO ServerConfig [0 MainThread] - SSL session cache path enabled 0 session timeout on SSL server 300.000 | |
| 01-30-2024 22:23:33.925 +0000 INFO ServerConfig [0 MainThread] - Setting HTTP server compression state=on | |
| 01-30-2024 22:23:33.926 +0000 INFO ServerConfig [0 MainThread] - Setting HTTP client compression state=1 (true) | |
| 01-30-2024 22:23:33.926 +0000 INFO ServerConfig [0 MainThread] - disableSSLShutdown=0 | |
| 01-30-2024 22:23:33.926 +0000 INFO ServerConfig [0 MainThread] - Setting search process to have long life span: enable_search_process_long_lifespan=1 | |
| 01-30-2024 22:23:33.926 +0000 INFO ServerConfig [0 MainThread] - certificateStatusValidationMethod is not set, defaulting to none. | |
| 01-30-2024 22:23:33.926 +0000 INFO ServerConfig [0 MainThread] - Splunk is starting with EC-SSC disabled | |
| 01-30-2024 22:23:33.939 +0000 INFO loader [0 MainThread] - Regex JIT enabled | |
| 01-30-2024 22:23:33.940 +0000 INFO loader [0 MainThread] - RE2 library enabled | |
| 01-30-2024 22:23:33.940 +0000 INFO loader [0 MainThread] - using CLOCK_MONOTONIC | |
| 01-30-2024 22:23:33.974 +0000 INFO BundlesSetup [1394 MainThread] - Setup stats for /opt/splunk/etc: wallclock_elapsed_msec=26, cpu_time_used=0.0265652, shared_services_generation=1, shared_services_population=1 | |
| 01-30-2024 22:23:33.984 +0000 INFO loader [1394 MainThread] - Splunkd starting (build b6b9c8185839). | |
| 01-30-2024 22:23:33.984 +0000 INFO loader [1394 MainThread] - System info: Linux, a0b98db34268, 6.5.11-linuxkit, #1 SMP PREEMPT_DYNAMIC Wed Dec 6 17:14:50 UTC 2023, x86_64. | |
| 01-30-2024 22:23:33.985 +0000 INFO loader [1394 MainThread] - Detected 12 (virtual) CPUs, 12 CPU cores, and 7949MB RAM | |
| 01-30-2024 22:23:33.985 +0000 INFO loader [1394 MainThread] - Maximum number of threads (approximate): 3974 | |
| 01-30-2024 22:23:33.985 +0000 INFO loader [1394 MainThread] - Getting configuration data from: /opt/splunk/etc/myinstall/splunkd.xml | |
| 01-30-2024 22:23:33.986 +0000 INFO loader [1394 MainThread] - SPLUNK_MODULE_PATH environment variable not found - defaulting to /opt/splunk/etc/modules | |
| 01-30-2024 22:23:33.986 +0000 INFO loader [1394 MainThread] - loading modules from /opt/splunk/etc/modules | |
| 01-30-2024 22:23:33.996 +0000 INFO loader [1394 MainThread] - Writing out composite configuration file: /opt/splunk/var/run/splunk/composite.xml | |
| 01-30-2024 22:23:34.013 +0000 INFO PipelineComponent [1394 MainThread] - Ingestion pipeline sets have been configured to use pipeline set policy=round_robin for multiple pipeline sets. | |
| 01-30-2024 22:23:34.078 +0000 INFO LMStackMgr [1394 MainThread] - Initializing CleMgr... | |
| 01-30-2024 22:23:34.078 +0000 INFO LicenseMgr [1394 MainThread] - Initing LicenseMgr | |
| 01-30-2024 22:23:34.078 +0000 INFO LMConfig [1394 MainThread] - serverName=a0b98db34268 guid=A194E1FA-0225-486F-A281-1AF937B2C5CC | |
| 01-30-2024 22:23:34.078 +0000 INFO LMConfig [1394 MainThread] - connection_timeout=30 | |
| 01-30-2024 22:23:34.078 +0000 INFO LMConfig [1394 MainThread] - send_timeout=30 | |
| 01-30-2024 22:23:34.078 +0000 INFO LMConfig [1394 MainThread] - receive_timeout=30 | |
| 01-30-2024 22:23:34.078 +0000 INFO LMConfig [1394 MainThread] - key=license_warnings_update_interval not found in licenser stanza of server.conf, defaulting=0 | |
| 01-30-2024 22:23:34.078 +0000 INFO LMConfig [1394 MainThread] - squash_threshold=2000 | |
| 01-30-2024 22:23:34.078 +0000 INFO LMConfig [1394 MainThread] - strict_pool_quota=1 | |
| 01-30-2024 22:23:34.078 +0000 INFO LMConfig [1394 MainThread] - key=pool_suggestion not found in licenser stanza of server.conf, defaulting='' | |
| 01-30-2024 22:23:34.078 +0000 INFO LMConfig [1394 MainThread] - key=test_aws_metering not found in licenser stanza of server.conf, defaulting=0 | |
| 01-30-2024 22:23:34.078 +0000 INFO LMConfig [1394 MainThread] - key=test_aws_product_code not found in licenser stanza of server.conf, defaulting=0 | |
| 01-30-2024 22:23:34.078 +0000 INFO LMConfig [1394 MainThread] - lm_ping_interval=86400 | |
| 01-30-2024 22:23:34.078 +0000 INFO LMConfig [1394 MainThread] - key=lm_uri not found in licenser stanza of server.conf, defaulting to empty array | |
| 01-30-2024 22:23:34.078 +0000 INFO LicenseMgr [1394 MainThread] - Initing LicenseMgr runContext_splunkd=true | |
| 01-30-2024 22:23:34.078 +0000 INFO LMStackMgr [1394 MainThread] - closing stack mgr | |
| 01-30-2024 22:23:34.078 +0000 INFO LMSlaveInfo [1394 MainThread] - all slaves cleared | |
| 01-30-2024 22:23:34.078 +0000 INFO LMStackMgr [1394 MainThread] - Initalized license_warnings_update_interval=auto | |
| 01-30-2024 22:23:34.078 +0000 INFO LMStackMgr [1394 MainThread] - License Manager supports Conditional Licensing Enforcement. For baked in CLE policies, window_period=60 days, max_violations=45, for stack size below 107374182400 bytes | |
| 01-30-2024 22:23:34.079 +0000 INFO LMLicense [1394 MainThread] - Applying default enforcement policy for free | |
| 01-30-2024 22:23:34.079 +0000 INFO LMStackMgr [1394 MainThread] - Added policy WinSz=30 Warnings=3 MaxSize=0 isDefault=1 features= for free | |
| 01-30-2024 22:23:34.079 +0000 INFO LMLicense [1394 MainThread] - Applying default enforcement policy for forwarder | |
| 01-30-2024 22:23:34.079 +0000 INFO LMStackMgr [1394 MainThread] - Added policy WinSz=30 Warnings=5 MaxSize=0 isDefault=1 features= for forwarder | |
| 01-30-2024 22:23:34.083 +0000 INFO LMStack [1394 MainThread] - Added type=download-trial license, from file=enttrial.lic, to stack=download-trial of group=Trial | |
| 01-30-2024 22:23:34.083 +0000 INFO LMLicense [1394 MainThread] - Applying default enforcement policy for download-trial | |
| 01-30-2024 22:23:34.083 +0000 INFO LMStackMgr [1394 MainThread] - created stack='download-trial' | |
| 01-30-2024 22:23:34.083 +0000 INFO LMStackMgr [1394 MainThread] - Added policy WinSz=30 Warnings=5 MaxSize=0 isDefault=1 features= for download-trial | |
| 01-30-2024 22:23:34.083 +0000 INFO LMStackMgr [1394 MainThread] - have to auto-set active stack group='Trial' reason='invalid/missing group id' gidStr='' oldGid=Invalid | |
| 01-30-2024 22:23:34.095 +0000 INFO LMConfig [1394 MainThread] - created default pool=auto_generated_pool_download-trial for stack=download-trial | |
| 01-30-2024 22:23:34.095 +0000 INFO LMStackMgr [1394 MainThread] - added default pool=auto_generated_pool_download-trial for stack=download-trial | |
| 01-30-2024 22:23:34.106 +0000 INFO LMConfig [1394 MainThread] - created default pool=auto_generated_pool_forwarder for stack=forwarder | |
| 01-30-2024 22:23:34.107 +0000 INFO LMStackMgr [1394 MainThread] - added default pool=auto_generated_pool_forwarder for stack=forwarder | |
| 01-30-2024 22:23:34.118 +0000 INFO LMConfig [1394 MainThread] - created default pool=auto_generated_pool_free for stack=free | |
| 01-30-2024 22:23:34.118 +0000 INFO LMStackMgr [1394 MainThread] - added default pool=auto_generated_pool_free for stack=free | |
| 01-30-2024 22:23:34.118 +0000 INFO ServerRoles [1394 MainThread] - Declared role=license_master. | |
| 01-30-2024 22:23:34.118 +0000 INFO ServerRoles [1394 MainThread] - Declared role=license_manager. | |
| 01-30-2024 22:23:34.118 +0000 INFO LMStackMgr [1394 MainThread] - Initialized hideQuotaWarning = "0" | |
| 01-30-2024 22:23:34.118 +0000 INFO LMStackMgr [1394 MainThread] - init completed [A194E1FA-0225-486F-A281-1AF937B2C5CC,Trial,runContext_splunkd=true] | |
| 01-30-2024 22:23:34.118 +0000 INFO LicenseMgr [1394 MainThread] - StackMgr init complete... | |
| 01-30-2024 22:23:34.118 +0000 INFO LMTracker [1394 MainThread] - Setting default product type='enterprise' | |
| 01-30-2024 22:23:34.118 +0000 INFO LMTracker [1394 MainThread] - init'ing slaveId=A194E1FA-0225-486F-A281-1AF937B2C5CC label=a0b98db34268 [30,30,self] | |
| 01-30-2024 22:23:34.119 +0000 INFO LMTracker [1394 MainThread] - enabling implicit feature set | |
| 01-30-2024 22:23:34.119 +0000 INFO LMTracker [1394 MainThread] - attempting to ping master=self from slave=A194E1FA-0225-486F-A281-1AF937B2C5CC | |
| 01-30-2024 22:23:34.119 +0000 INFO LMSlaveInfo [1394 MainThread] - new slave='A194E1FA-0225-486F-A281-1AF937B2C5CC' created | |
| 01-30-2024 22:23:34.119 +0000 INFO LMSlaveInfo [1394 MainThread] - Detected that masterTimeFromSlave(ZERO_TIME) < lastRolloverTime(Tue Jan 30 00:00:00 2024), meaning that the master has already rolled over. Ignore slave persisted usage. | |
| 01-30-2024 22:23:34.119 +0000 INFO LMTracker [1394 MainThread] - setting masterGuid='A194E1FA-0225-486F-A281-1AF937B2C5CC' | |
| 01-30-2024 22:23:34.119 +0000 INFO LMTracker [1394 MainThread] - changing backwardCompatIsTrial=true | |
| 01-30-2024 22:23:34.120 +0000 INFO LMTracker [1394 MainThread] - attempting to contact master=self from slave=A194E1FA-0225-486F-A281-1AF937B2C5CC success | |
| 01-30-2024 22:23:34.120 +0000 INFO LicenseMgr [1394 MainThread] - Tracker init complete... | |
| 01-30-2024 22:23:35.063 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.065 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.066 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.070 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.071 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.071 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.085 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.085 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="MonitorNoHandle://" from spec file="/opt/splunk/etc/system/README/inputs.conf.spec" with parameters="disabled, index" | |
| 01-30-2024 22:23:35.086 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.086 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="WinEventLog://" from spec file="/opt/splunk/etc/system/README/inputs.conf.spec" with parameters="start_from, use_old_eventlog_api, use_threads, thread_wait_time_msec, suppress_checkpoint, suppress_sourcename, suppress_keywords, suppress_type, suppress_task, suppress_opcode, current_only, batch_size, checkpointInterval, checkpointSync, channel_wait_time, disabled, evt_resolve_ad_obj, evt_skip_GUID_resolution, evt_dc_name, evt_dns_name, evt_resolve_ad_ds, evt_ad_cache_disabled, evt_ad_cache_exp, evt_ad_cache_exp_neg, evt_ad_cache_max_entries, evt_exclude_fields, evt_sid_cache_disabled, evt_sid_cache_exp, evt_sid_cache_exp_neg, evt_sid_cache_max_entries, wec_event_format, index, whitelist, blacklist, whitelist1, whitelist2, whitelist3, whitelist4, whitelist5, whitelist6, whitelist7, whitelist8, whitelist9, blacklist1, blacklist2, blacklist3, blacklist4, blacklist5, blacklist6, blacklist7, blacklist8, blacklist9, key, suppress_text, renderXml" | |
| 01-30-2024 22:23:35.086 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.086 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="WinHostMon://" from spec file="/opt/splunk/etc/system/README/inputs.conf.spec" with parameters="type, interval, disabled, index" | |
| 01-30-2024 22:23:35.087 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.087 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="WinNetMon://" from spec file="/opt/splunk/etc/system/README/inputs.conf.spec" with parameters="remoteAddress, process, user, addressFamily, packetType, direction, protocol, readInterval, driverBufferSize, userBufferSize, mode, multikvMaxEventCount, multikvMaxTimeMs, sid_cache_disabled, sid_cache_exp, sid_cache_exp_neg, sid_cache_max_entries, disabled, index" | |
| 01-30-2024 22:23:35.087 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.087 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="WinPrintMon://" from spec file="/opt/splunk/etc/system/README/inputs.conf.spec" with parameters="type, interval, baseline, disabled, index" | |
| 01-30-2024 22:23:35.087 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.087 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="WinRegMon://" from spec file="/opt/splunk/etc/system/README/inputs.conf.spec" with parameters="proc, hive, type, baseline, baseline_interval, disabled, index" | |
| 01-30-2024 22:23:35.088 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.088 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="admon://" from spec file="/opt/splunk/etc/system/README/inputs.conf.spec" with parameters="targetDc, startingNode, monitorSubtree, disabled, index, printSchema, baseline" | |
| 01-30-2024 22:23:35.088 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="instance_id_modular_input://" from spec file="/opt/splunk/etc/apps/splunk_assist/README/inputs.conf.spec" with parameters="param1" | |
| 01-30-2024 22:23:35.088 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.088 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="journald://" from spec file="/opt/splunk/etc/system/README/inputs.conf.spec" with parameters="journalctl-include-fields, journalctl-exclude-fields, journalctl-filter, journalctl-unit, journalctl-identifier, journalctl-priority, journalctl-boot, journalctl-facility, journalctl-grep, journalctl-user-unit, journalctl-dmesg, journalctl-quiet, journalctl-freetext" | |
| 01-30-2024 22:23:35.088 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.088 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="logd://" from spec file="/opt/splunk/etc/system/README/inputs.conf.spec" with parameters="logd-backtrace, logd-debug, logd-info, logd-loss, logd-signpost, logd-predicate, logd-process, logd-source, logd-include-fields, logd-exclude-fields, logd-interval, logd-starttime, logd-freetext" | |
| 01-30-2024 22:23:35.089 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.089 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="perfmon://" from spec file="/opt/splunk/etc/system/README/inputs.conf.spec" with parameters="object, counters, nonmetric_counters, instances, interval, mode, samplingInterval, stats, disabled, showZeroValue, useEnglishOnly, useWinApiProcStats, formatString, usePDHFmtNoCap100" | |
| 01-30-2024 22:23:35.089 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.089 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="powershell2://" from spec file="/opt/splunk/etc/system/README/inputs.conf.spec" with parameters="script, schedule" | |
| 01-30-2024 22:23:35.090 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.090 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="powershell://" from spec file="/opt/splunk/etc/system/README/inputs.conf.spec" with parameters="script, schedule" | |
| 01-30-2024 22:23:35.090 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="secure_gateway_modular_input://" from spec file="/opt/splunk/etc/apps/splunk_secure_gateway/README/inputs.conf.spec" with parameters="param1" | |
| 01-30-2024 22:23:35.090 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="selfupdate_modular_input://" from spec file="/opt/splunk/etc/apps/splunk_assist/README/inputs.conf.spec" with parameters="param1" | |
| 01-30-2024 22:23:35.091 +0000 INFO BundlesUtil [1394 MainThread] - Using manager-apps over master-apps, using: /opt/splunk/etc/manager-apps | |
| 01-30-2024 22:23:35.091 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="splunktcptoken://" from spec file="/opt/splunk/etc/system/README/inputs.conf.spec" with parameters="token" | |
| 01-30-2024 22:23:35.091 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="ssg_alerts_ttl_modular_input://" from spec file="/opt/splunk/etc/apps/splunk_secure_gateway/README/inputs.conf.spec" with parameters="ttl_days" | |
| 01-30-2024 22:23:35.091 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="ssg_config_modular_input://" from spec file="/opt/splunk/etc/apps/splunk_secure_gateway/README/inputs.conf.spec" with parameters="param1" | |
| 01-30-2024 22:23:35.091 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="ssg_deep_link_dashboard_modular_input://" from spec file="/opt/splunk/etc/apps/splunk_secure_gateway/README/inputs.conf.spec" with parameters="param1" | |
| 01-30-2024 22:23:35.091 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="ssg_delete_tokens_modular_input://" from spec file="/opt/splunk/etc/apps/splunk_secure_gateway/README/inputs.conf.spec" with parameters="param1" | |
| 01-30-2024 22:23:35.091 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="ssg_device_role_modular_input://" from spec file="/opt/splunk/etc/apps/splunk_secure_gateway/README/inputs.conf.spec" with parameters="param1" | |
| 01-30-2024 22:23:35.091 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="ssg_enable_modular_input://" from spec file="/opt/splunk/etc/apps/splunk_secure_gateway/README/inputs.conf.spec" with parameters="param1" | |
| 01-30-2024 22:23:35.091 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="ssg_metrics_modular_input://" from spec file="/opt/splunk/etc/apps/splunk_secure_gateway/README/inputs.conf.spec" with parameters="param1" | |
| 01-30-2024 22:23:35.091 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="ssg_registered_devices_modular_input://" from spec file="/opt/splunk/etc/apps/splunk_secure_gateway/README/inputs.conf.spec" with parameters="param1" | |
| 01-30-2024 22:23:35.091 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="ssg_registered_users_list_modular_input://" from spec file="/opt/splunk/etc/apps/splunk_secure_gateway/README/inputs.conf.spec" with parameters="param1" | |
| 01-30-2024 22:23:35.091 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="ssg_report_heuristics_modular_input://" from spec file="/opt/splunk/etc/apps/splunk_secure_gateway/README/inputs.conf.spec" with parameters="param1" | |
| 01-30-2024 22:23:35.091 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="ssg_subscription_clean_up_modular_input://" from spec file="/opt/splunk/etc/apps/splunk_secure_gateway/README/inputs.conf.spec" with parameters="cleanup_threshold_seconds" | |
| 01-30-2024 22:23:35.091 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="ssg_subscription_modular_input://" from spec file="/opt/splunk/etc/apps/splunk_secure_gateway/README/inputs.conf.spec" with parameters="minimum_iteration_time_seconds, maximum_iteration_time_warn_threshold_seconds" | |
| 01-30-2024 22:23:35.091 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="supervisor_modular_input://" from spec file="/opt/splunk/etc/apps/splunk_assist/README/inputs.conf.spec" with parameters="param1" | |
| 01-30-2024 22:23:35.091 +0000 INFO SpecFiles [1394 MainThread] - Found external scheme definition for stanza="uiassets_modular_input://" from spec file="/opt/splunk/etc/apps/splunk_assist/README/inputs.conf.spec" with parameters="param1" | |
| 01-30-2024 22:23:38.526 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "instance_id_modular_input". | |
| 01-30-2024 22:23:38.637 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "journalctl-boot": | |
| 01-30-2024 22:23:38.637 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "journalctl-dmesg": | |
| 01-30-2024 22:23:38.637 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "journalctl-exclude-fields": | |
| 01-30-2024 22:23:38.637 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "journalctl-facility": | |
| 01-30-2024 22:23:38.637 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "journalctl-filter": | |
| 01-30-2024 22:23:38.637 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "journalctl-freetext": | |
| 01-30-2024 22:23:38.637 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "journalctl-grep": | |
| 01-30-2024 22:23:38.637 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "journalctl-identifier": | |
| 01-30-2024 22:23:38.637 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "journalctl-include-fields": | |
| 01-30-2024 22:23:38.637 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "journalctl-priority": | |
| 01-30-2024 22:23:38.637 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "journalctl-quiet": | |
| 01-30-2024 22:23:38.637 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "journalctl-unit": | |
| 01-30-2024 22:23:38.637 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "journalctl-user-unit": | |
| 01-30-2024 22:23:38.637 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "name": | |
| 01-30-2024 22:23:38.637 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "journald". | |
| 01-30-2024 22:23:38.749 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "logd-backtrace": | |
| 01-30-2024 22:23:38.749 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "logd-debug": | |
| 01-30-2024 22:23:38.749 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "logd-exclude-fields": | |
| 01-30-2024 22:23:38.749 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "logd-freetext": | |
| 01-30-2024 22:23:38.749 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "logd-include-fields": | |
| 01-30-2024 22:23:38.749 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "logd-info": | |
| 01-30-2024 22:23:38.749 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "logd-interval": | |
| 01-30-2024 22:23:38.749 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "logd-loss": | |
| 01-30-2024 22:23:38.749 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "logd-predicate": | |
| 01-30-2024 22:23:38.749 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "logd-process": | |
| 01-30-2024 22:23:38.749 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "logd-signpost": | |
| 01-30-2024 22:23:38.749 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "logd-source": | |
| 01-30-2024 22:23:38.750 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "logd-starttime": | |
| 01-30-2024 22:23:38.750 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "name": | |
| 01-30-2024 22:23:38.750 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "logd". | |
| 01-30-2024 22:23:45.288 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "param1": | |
| 01-30-2024 22:23:45.288 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "secure_gateway_modular_input". | |
| 01-30-2024 22:23:46.600 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "selfupdate_modular_input". | |
| 01-30-2024 22:23:47.810 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "ttl_days": | |
| 01-30-2024 22:23:47.810 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "ssg_alerts_ttl_modular_input". | |
| 01-30-2024 22:23:48.921 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "ssg_config_modular_input". | |
| 01-30-2024 22:23:51.134 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "ssg_deep_link_dashboard_modular_input". | |
| 01-30-2024 22:23:52.447 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "param1": | |
| 01-30-2024 22:23:52.448 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "ssg_delete_tokens_modular_input". | |
| 01-30-2024 22:23:54.764 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "param1": | |
| 01-30-2024 22:23:54.765 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "ssg_device_role_modular_input". | |
| 01-30-2024 22:23:56.878 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "param1": | |
| 01-30-2024 22:23:56.878 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "ssg_enable_modular_input". | |
| 01-30-2024 22:23:58.789 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "param1": | |
| 01-30-2024 22:23:58.789 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "ssg_metrics_modular_input". | |
| 01-30-2024 22:24:00.000 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "param1": | |
| 01-30-2024 22:24:00.000 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "ssg_registered_devices_modular_input". | |
| 01-30-2024 22:24:01.110 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "param1": | |
| 01-30-2024 22:24:01.110 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "ssg_registered_users_list_modular_input". | |
| 01-30-2024 22:24:03.732 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "param1": | |
| 01-30-2024 22:24:03.732 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "ssg_report_heuristics_modular_input". | |
| 01-30-2024 22:24:04.742 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "cleanup_threshold_seconds": | |
| 01-30-2024 22:24:04.742 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "ssg_subscription_clean_up_modular_input". | |
| 01-30-2024 22:24:06.652 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "maximum_iteration_time_warn_threshold_seconds": | |
| 01-30-2024 22:24:06.652 +0000 INFO ModularInputs [1394 MainThread] - Endpoint argument settings for "minimum_iteration_time_seconds": | |
| 01-30-2024 22:24:06.652 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "ssg_subscription_modular_input". | |
| 01-30-2024 22:24:07.460 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "supervisor_modular_input". | |
| 01-30-2024 22:24:08.269 +0000 INFO ModularInputs [1394 MainThread] - Introspection setup completed for scheme "uiassets_modular_input". | |
| 01-30-2024 22:24:08.324 +0000 INFO DisasterRecoveryManager [1394 MainThread] - Initialized DisasterRecoveryManager, replication_enabled=0, replication_max_wait_time_secs=0, replication_min_check_time_secs=10, replication_max_check_time_secs=60 | |
| 01-30-2024 22:24:08.324 +0000 INFO CacheManager [1394 MainThread] - cachemanager is using cache eviction algorithm=lru | |
| 01-30-2024 22:24:08.326 +0000 INFO CacheManager [1824 SavePendingUploadsToDiskThread] - Starting SavePendingUploadsToDiskThread | |
| 01-30-2024 22:24:08.327 +0000 INFO DS_DC_Common [1394 MainThread] - Initializing the PubSub system. | |
| 01-30-2024 22:24:08.327 +0000 INFO DS_DC_Common [1394 MainThread] - Initializing core facilities of PubSub system. | |
| 01-30-2024 22:24:08.347 +0000 INFO DC:DeploymentClient [1394 MainThread] - target-broker clause is missing. | |
| 01-30-2024 22:24:08.347 +0000 WARN DC:DeploymentClient [1394 MainThread] - DeploymentClient explicitly disabled through config. | |
| 01-30-2024 22:24:08.347 +0000 INFO DS_DC_Common [1394 MainThread] - Deployment Client not initialized. | |
| 01-30-2024 22:24:08.347 +0000 INFO DS_DC_Common [1394 MainThread] - Loading and initializing Deployment Server... | |
| 01-30-2024 22:24:08.348 +0000 INFO DeploymentServer [1394 MainThread] - Attempting to reload entire DS; reason='init' | |
| 01-30-2024 22:24:08.348 +0000 INFO DSManager [1394 MainThread] - No serverclasses configured. | |
| 01-30-2024 22:24:08.359 +0000 INFO DSManager [1394 MainThread] - Loaded count=0 configured SCs | |
| 01-30-2024 22:24:08.359 +0000 INFO ClientSessionsManager [1394 MainThread] - Initializing ClientSessionsManager | |
| 01-30-2024 22:24:08.359 +0000 INFO PubSubSvr [1394 MainThread] - Subscribed: channel=deploymentServer/phoneHome/default connectionId=connection_127.0.0.1_8089_a0b98db34268_direct_ds_default listener=0x7f8f5b3b6800 | |
| 01-30-2024 22:24:08.359 +0000 INFO PubSubSvr [1394 MainThread] - Subscribed: channel=deploymentServer/phoneHome/default connectionId=connection_127.0.0.1_8089_a0b98db34268_direct_ds_default listener=0x7f8f5b3b6800 | |
| 01-30-2024 22:24:08.359 +0000 INFO PubSubSvr [1394 MainThread] - Subscribed: channel=deploymentServer/phoneHome/default/metrics connectionId=connection_127.0.0.1_8089_a0b98db34268_direct_ds_default listener=0x7f8f5b3b6800 | |
| 01-30-2024 22:24:08.359 +0000 INFO DeploymentServer [1394 MainThread] - Creating connection to PubSub system. | |
| 01-30-2024 22:24:08.359 +0000 INFO PubSubSvr [1394 MainThread] - Subscribed: channel=tenantService/handshake connectionId=connection_127.0.0.1_8089_a0b98db34268_direct_tenantService listener=0x7f8f5b3b6e00 | |
| 01-30-2024 22:24:08.360 +0000 INFO DS_DC_Common [1394 MainThread] - Registered REST endpoint for 'broker'. | |
| 01-30-2024 22:24:08.360 +0000 INFO DS_DC_Common [1394 MainThread] - Deployment Server|Client initialized successfully. | |
| 01-30-2024 22:24:08.360 +0000 INFO ClusteringMgr [1394 MainThread] - initing clustering with: ht=60.000 rf=3 sf=2 cm_ct=18446744073709551.615 ct=60.000 st=60.000 rt=60.000 rct=5.000 rst=5.000 rrt=10.000 rmst=600.000 rmrt=600.000 icps=25 sfrt=600.000 pe=1 im=0 ip=0 mob=5 mor=5 mosr=5 pb=5 rep_port= pptr=10 pptrl=100 fznb=10 Empty/Default cluster pass4symmkey=false allow Empty/Default cluster pass4symmkey=false rrt=restart dft=180 abt=600 sbs=1 | |
| 01-30-2024 22:24:08.360 +0000 INFO ClusteringMgr [1394 MainThread] - clustering disabled | |
| 01-30-2024 22:24:08.360 +0000 WARN HTTPAuthManager [1394 MainThread] - pass4SymmKey length is too short. See pass4SymmKey_minLength under the general stanza in server.conf. | |
| 01-30-2024 22:24:08.360 +0000 WARN SHCConfig [1394 MainThread] - Default pass4symkey is being used. Please change to a random one. | |
| 01-30-2024 22:24:08.361 +0000 INFO SHClusterMgr [1394 MainThread] - initing shpooling with: ht=60.000 rf=3 ct=60.000 st=60.000 rt=60.000 rct=5.000 rst=5.000 rrt=10.000 rmst=600.000 rmrt=600.000 pe=1 im=0 is=0 mor=5 pb=5 rep_port= pptr=10 | |
| 01-30-2024 22:24:08.361 +0000 WARN SSLOptions [1394 MainThread] - server.conf/[kvstore]/sslVerifyServerCert is false disabling certificate validation; must be set to "true" for increased security | |
| 01-30-2024 22:24:08.361 +0000 INFO SHClusterMgr [1394 MainThread] - shpooling disabled | |
| 01-30-2024 22:24:08.364 +0000 INFO WorkloadManager [1394 MainThread] - Workload management cannot be enabled on this system because the feature is not supported. Check the status of workload management preflight checks for additional information. | |
| 01-30-2024 22:24:08.376 +0000 INFO loader [1394 MainThread] - remote ui state feature is disabled | |
| 01-30-2024 22:24:08.377 +0000 INFO CollectionCacheManager [1826 CollectionCacheBookkeepingThread] - CollectionCacheBookkeepingThread starting eloop | |
| 01-30-2024 22:24:08.384 +0000 INFO ulimit [1394 MainThread] - Limit: virtual address space size: unlimited | |
| 01-30-2024 22:24:08.384 +0000 INFO ulimit [1394 MainThread] - Limit: data segment size: unlimited | |
| 01-30-2024 22:24:08.384 +0000 INFO ulimit [1394 MainThread] - Limit: resident memory size: unlimited | |
| 01-30-2024 22:24:08.385 +0000 INFO ulimit [1394 MainThread] - Limit: stack size: 8388608 bytes [hard maximum: unlimited] | |
| 01-30-2024 22:24:08.385 +0000 INFO ulimit [1394 MainThread] - Limit: core file size: 0 bytes [hard maximum: unlimited] | |
| 01-30-2024 22:24:08.385 +0000 WARN ulimit [1394 MainThread] - Core file generation disabled. | |
| 01-30-2024 22:24:08.385 +0000 INFO ulimit [1394 MainThread] - Limit: data file size: unlimited | |
| 01-30-2024 22:24:08.385 +0000 INFO ulimit [1394 MainThread] - Limit: open files: 1048576 files | |
| 01-30-2024 22:24:08.385 +0000 INFO ulimit [1394 MainThread] - Limit: user processes: unlimited | |
| 01-30-2024 22:24:08.385 +0000 INFO ulimit [1394 MainThread] - Limit: cpu time: unlimited | |
| 01-30-2024 22:24:08.385 +0000 INFO ulimit [1394 MainThread] - Linux transparent hugepage support, enabled="always" defrag="madvise" | |
| 01-30-2024 22:24:08.385 +0000 WARN ulimit [1394 MainThread] - This configuration of transparent hugepages is known to cause serious runtime problems with Splunk. Typical symptoms include generally reduced performance and catastrophic breakdown in system responsiveness under high memory pressure. Please fix by setting the values for transparent huge pages to "madvise" or preferably "never" via sysctl, kernel boot parameters, or other method recommended by your Linux distribution. | |
| 01-30-2024 22:24:08.385 +0000 INFO ulimit [1394 MainThread] - Linux vm.overcommit setting, value="0" | |
| 01-30-2024 22:24:08.385 +0000 WARN KVStoreConfigurationProvider [1394 MainThread] - Action scheduled, but event loop is not ready yet | |
| 01-30-2024 22:24:08.387 +0000 INFO MongodRunner [1829 KVStoreConfigurationThread] - Starting mongod with executable name=mongod version=kvstore version 4.2 | |
| 01-30-2024 22:24:08.387 +0000 INFO MongodRunner [1829 KVStoreConfigurationThread] - Setting env var LC_ALL=C | |
| 01-30-2024 22:24:08.388 +0000 INFO MongodRunner [1829 KVStoreConfigurationThread] - Created new kvstore directory: /opt/splunk/var/lib/splunk/kvstore/mongo | |
| 01-30-2024 22:24:08.388 +0000 INFO MongodRunner [1829 KVStoreConfigurationThread] - Using mongod command line --dbpath /opt/splunk/var/lib/splunk/kvstore/mongo | |
| 01-30-2024 22:24:08.388 +0000 INFO MongodRunner [1829 KVStoreConfigurationThread] - Using mongod command line --storageEngine wiredTiger | |
| 01-30-2024 22:24:08.388 +0000 INFO MongodRunner [1829 KVStoreConfigurationThread] - Using cacheSize=1.05GB | |
| 01-30-2024 22:24:08.388 +0000 INFO MongodRunner [1829 KVStoreConfigurationThread] - Using mongod command line --port 8191 | |
| 01-30-2024 22:24:08.388 +0000 INFO MongodRunner [1829 KVStoreConfigurationThread] - Using mongod command line --timeStampFormat iso8601-utc | |
| 01-30-2024 22:24:08.388 +0000 INFO MongodRunner [1829 KVStoreConfigurationThread] - Using mongod command line --oplogSize 200 | |
| 01-30-2024 22:24:08.388 +0000 INFO MongodRunner [1829 KVStoreConfigurationThread] - Using mongod command line --keyFile /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key | |
| 01-30-2024 22:24:08.388 +0000 INFO MongodRunner [1829 KVStoreConfigurationThread] - Using mongod command line --setParameter enableLocalhostAuthBypass=0 | |
| 01-30-2024 22:24:08.388 +0000 INFO MongodRunner [1829 KVStoreConfigurationThread] - Using mongod command line --setParameter oplogFetcherSteadyStateMaxFetcherRestarts=0 | |
| 01-30-2024 22:24:08.388 +0000 INFO MongodRunner [1829 KVStoreConfigurationThread] - Using mongod command line --replSet A194E1FA-0225-486F-A281-1AF937B2C5CC | |
| 01-30-2024 22:24:08.388 +0000 INFO MongodRunner [1829 KVStoreConfigurationThread] - Using mongod command line --bind_ip=0.0.0.0 (all ipv4 addresses) | |
| 01-30-2024 22:24:08.388 +0000 INFO MongodRunner [1829 KVStoreConfigurationThread] - Using mongod command line --sslMode disabled | |
| 01-30-2024 22:24:08.388 +0000 INFO MongodRunner [1829 KVStoreConfigurationThread] - Using mongod command line --nounixsocket | |
| 01-30-2024 22:24:08.388 +0000 INFO MongodRunner [1829 KVStoreConfigurationThread] - Using mongod command line --noscripting | |
| 01-30-2024 22:24:08.407 +0000 WARN DistributedBundleReplicationManager [1394 MainThread] - replicationBlacklist in distsearch.conf is deprecated, use replicationDenylist instead. | |
| 01-30-2024 22:24:08.407 +0000 WARN KVStoreConfigurationProvider [1394 MainThread] - Action scheduled, but event loop is not ready yet | |
| 01-30-2024 22:24:08.407 +0000 INFO CertStorageProvider [1394 MainThread] - Updating status from unknown to starting | |
| 01-30-2024 22:24:08.408 +0000 INFO CertStorageProvider [1394 MainThread] - Updating status from unknown to starting | |
| 01-30-2024 22:24:08.408 +0000 INFO Rsa2FA [1394 MainThread] - Could not find [externalTwoFactorAuthSettings] in authentication stanza. | |
| 01-30-2024 22:24:08.408 +0000 INFO KVStoreBackupRestore [1832 KVStoreBackupThread] - thread started. | |
| 01-30-2024 22:24:08.561 +0000 INFO IndexerInit [1833 SplunkdSpecificInitThread] - running splunkd specific init | |
| 01-30-2024 22:24:08.563 +0000 WARN SearchLogCopier [1836 DispatchReaper] - Config setting enabled is invalid. Feature is disabled. | |
| 01-30-2024 22:24:08.583 +0000 WARN IndexerService [1833 SplunkdSpecificInitThread] - Can't set numThreadsForIndexInitExecutor to 16; capped at 12 instead as it cannot exceed the number of cpu cores | |
| 01-30-2024 22:24:08.583 +0000 INFO IndexerService [1833 SplunkdSpecificInitThread] - Number of threads in IndexInitExecutor is set to 12 | |
| 01-30-2024 22:24:08.587 +0000 INFO IndexerService [1840 RecreateIndexesThread] - starting RecreateIndexesThread | |
| 01-30-2024 22:24:08.588 +0000 INFO IndexerService [1833 SplunkdSpecificInitThread] - indexes.conf - indexThreads param set to=8 | |
| 01-30-2024 22:24:08.608 +0000 INFO IndexerService [1833 SplunkdSpecificInitThread] - indexes.conf - memPoolMB param autotuned to=256MB | |
| 01-30-2024 22:24:08.608 +0000 INFO MPool [1833 SplunkdSpecificInitThread] - MPool initialized: bytes=268435456 | |
| 01-30-2024 22:24:08.626 +0000 INFO DatabaseDirectoryManager [1854 IndexInitExecutorWorker-5] - Start-up refreshing bucket manifest index=_metrics_rollup | |
| 01-30-2024 22:24:08.631 +0000 INFO DatabaseDirectoryManager [1856 IndexInitExecutorWorker-7] - Start-up refreshing bucket manifest index=_telemetry | |
| 01-30-2024 22:24:08.632 +0000 INFO DatabaseDirectoryManager [1849 IndexInitExecutorWorker-0] - Start-up refreshing bucket manifest index=_configtracker | |
| 01-30-2024 22:24:08.632 +0000 INFO DatabaseDirectoryManager [1853 IndexInitExecutorWorker-4] - Start-up refreshing bucket manifest index=_internal | |
| 01-30-2024 22:24:08.632 +0000 INFO DatabaseDirectoryManager [1850 IndexInitExecutorWorker-1] - Start-up refreshing bucket manifest index=_audit | |
| 01-30-2024 22:24:08.632 +0000 INFO DatabaseDirectoryManager [1854 IndexInitExecutorWorker-5] - idx=_metrics_rollup writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/_metrics_rollup/db' pendingBucketUpdates=0 innerLockTime=0.000. Reason='Refreshing manifest at start-up.' | |
| 01-30-2024 22:24:08.632 +0000 INFO DatabaseDirectoryManager [1849 IndexInitExecutorWorker-0] - idx=_configtracker writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/_configtracker/db' pendingBucketUpdates=0 innerLockTime=0.000. Reason='Refreshing manifest at start-up.' | |
| 01-30-2024 22:24:08.632 +0000 INFO DatabaseDirectoryManager [1852 IndexInitExecutorWorker-3] - Start-up refreshing bucket manifest index=_metrics | |
| 01-30-2024 22:24:08.632 +0000 INFO DatabaseDirectoryManager [1853 IndexInitExecutorWorker-4] - idx=_internal writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/_internaldb/db' pendingBucketUpdates=0 innerLockTime=0.000. Reason='Refreshing manifest at start-up.' | |
| 01-30-2024 22:24:08.632 +0000 INFO DatabaseDirectoryManager [1850 IndexInitExecutorWorker-1] - idx=_audit writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/audit/db' pendingBucketUpdates=0 innerLockTime=0.000. Reason='Refreshing manifest at start-up.' | |
| 01-30-2024 22:24:08.632 +0000 INFO DatabaseDirectoryManager [1852 IndexInitExecutorWorker-3] - idx=_metrics writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/_metrics/db' pendingBucketUpdates=0 innerLockTime=0.000. Reason='Refreshing manifest at start-up.' | |
| 01-30-2024 22:24:08.632 +0000 INFO DatabaseDirectoryManager [1858 IndexInitExecutorWorker-9] - Start-up refreshing bucket manifest index=_thefishbucket | |
| 01-30-2024 22:24:08.633 +0000 INFO DatabaseDirectoryManager [1852 IndexInitExecutorWorker-3] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/_metrics/db duration=0.000 | |
| 01-30-2024 22:24:08.633 +0000 INFO DatabaseDirectoryManager [1850 IndexInitExecutorWorker-1] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/audit/db duration=0.000 | |
| 01-30-2024 22:24:08.632 +0000 INFO DatabaseDirectoryManager [1851 IndexInitExecutorWorker-2] - Start-up refreshing bucket manifest index=_introspection | |
| 01-30-2024 22:24:08.633 +0000 INFO DatabaseDirectoryManager [1850 IndexInitExecutorWorker-1] - Start-up refreshing bucket manifest index=main | |
| 01-30-2024 22:24:08.633 +0000 INFO DatabaseDirectoryManager [1849 IndexInitExecutorWorker-0] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/_configtracker/db duration=0.000 | |
| 01-30-2024 22:24:08.633 +0000 INFO DatabaseDirectoryManager [1849 IndexInitExecutorWorker-0] - Start-up refreshing bucket manifest index=summary | |
| 01-30-2024 22:24:08.633 +0000 INFO DatabaseDirectoryManager [1852 IndexInitExecutorWorker-3] - Start-up refreshing bucket manifest index=history | |
| 01-30-2024 22:24:08.633 +0000 INFO DatabaseDirectoryManager [1850 IndexInitExecutorWorker-1] - idx=main writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/defaultdb/db' pendingBucketUpdates=0 innerLockTime=0.000. Reason='Refreshing manifest at start-up.' | |
| 01-30-2024 22:24:08.633 +0000 INFO DatabaseDirectoryManager [1853 IndexInitExecutorWorker-4] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/_internaldb/db duration=0.000 | |
| 01-30-2024 22:24:08.633 +0000 INFO DatabaseDirectoryManager [1849 IndexInitExecutorWorker-0] - idx=summary writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/summarydb/db' pendingBucketUpdates=0 innerLockTime=0.000. Reason='Refreshing manifest at start-up.' | |
| 01-30-2024 22:24:08.633 +0000 INFO DatabaseDirectoryManager [1851 IndexInitExecutorWorker-2] - idx=_introspection writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/_introspection/db' pendingBucketUpdates=0 innerLockTime=0.000. Reason='Refreshing manifest at start-up.' | |
| 01-30-2024 22:24:08.633 +0000 INFO DatabaseDirectoryManager [1851 IndexInitExecutorWorker-2] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/_introspection/db duration=0.000 | |
| 01-30-2024 22:24:08.633 +0000 INFO DatabaseDirectoryManager [1858 IndexInitExecutorWorker-9] - idx=_thefishbucket writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/fishbucket/db' pendingBucketUpdates=0 innerLockTime=0.000. Reason='Refreshing manifest at start-up.' | |
| 01-30-2024 22:24:08.634 +0000 INFO DatabaseDirectoryManager [1850 IndexInitExecutorWorker-1] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/defaultdb/db duration=0.000 | |
| 01-30-2024 22:24:08.633 +0000 INFO DatabaseDirectoryManager [1849 IndexInitExecutorWorker-0] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/summarydb/db duration=0.000 | |
| 01-30-2024 22:24:08.634 +0000 INFO DatabaseDirectoryManager [1858 IndexInitExecutorWorker-9] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/fishbucket/db duration=0.001 | |
| 01-30-2024 22:24:08.633 +0000 INFO DatabaseDirectoryManager [1852 IndexInitExecutorWorker-3] - idx=history writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/historydb/db' pendingBucketUpdates=0 innerLockTime=0.000. Reason='Refreshing manifest at start-up.' | |
| 01-30-2024 22:24:08.634 +0000 INFO DatabaseDirectoryManager [1852 IndexInitExecutorWorker-3] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/historydb/db duration=0.000 | |
| 01-30-2024 22:24:08.635 +0000 INFO DatabaseDirectoryManager [1856 IndexInitExecutorWorker-7] - idx=_telemetry writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/_telemetry/db' pendingBucketUpdates=0 innerLockTime=0.000. Reason='Refreshing manifest at start-up.' | |
| 01-30-2024 22:24:08.636 +0000 INFO DatabaseDirectoryManager [1856 IndexInitExecutorWorker-7] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/_telemetry/db duration=0.000 | |
| 01-30-2024 22:24:08.636 +0000 INFO DatabaseDirectoryManager [1854 IndexInitExecutorWorker-5] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/_metrics_rollup/db duration=0.003 | |
| 01-30-2024 22:24:08.647 +0000 INFO HotDBManager [1844 IndexerTPoolWorker-3] - idx=_audit minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.647 +0000 INFO HotDBManager [1844 IndexerTPoolWorker-3] - idx=_audit Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=3 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=786432000 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.647 +0000 INFO HotDBManager [1844 IndexerTPoolWorker-3] - closing hot mgr for idx=_audit | |
| 01-30-2024 22:24:08.648 +0000 INFO HotDBManager [1845 IndexerTPoolWorker-4] - idx=_internal minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.648 +0000 INFO HotDBManager [1845 IndexerTPoolWorker-4] - idx=_internal Setting hot mgr params: maxHotSpanSecs=432000 maxHotBuckets=3 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=1048576000 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.649 +0000 INFO HotDBManager [1842 IndexerTPoolWorker-1] - idx=_configtracker minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.649 +0000 INFO HotDBManager [1845 IndexerTPoolWorker-4] - closing hot mgr for idx=_internal | |
| 01-30-2024 22:24:08.649 +0000 INFO HotDBManager [1842 IndexerTPoolWorker-1] - idx=_configtracker Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=3 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=786432000 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.649 +0000 INFO HotDBManager [1842 IndexerTPoolWorker-1] - closing hot mgr for idx=_configtracker | |
| 01-30-2024 22:24:08.649 +0000 INFO HotDBManager [1842 IndexerTPoolWorker-1] - idx=summary minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.649 +0000 INFO HotDBManager [1842 IndexerTPoolWorker-1] - idx=summary Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=3 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=786432000 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.649 +0000 INFO HotDBManager [1842 IndexerTPoolWorker-1] - closing hot mgr for idx=summary | |
| 01-30-2024 22:24:08.650 +0000 INFO HotDBManager [1843 IndexerTPoolWorker-2] - idx=_metrics_rollup minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.650 +0000 INFO HotDBManager [1843 IndexerTPoolWorker-2] - idx=_metrics_rollup Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=3 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=786432000 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.650 +0000 INFO HotDBManager [1843 IndexerTPoolWorker-2] - closing hot mgr for idx=_metrics_rollup | |
| 01-30-2024 22:24:08.650 +0000 INFO HotDBManager [1848 IndexerTPoolWorker-7] - idx=_introspection minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.650 +0000 INFO HotDBManager [1848 IndexerTPoolWorker-7] - idx=_introspection Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=3 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=1073741824 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.650 +0000 INFO HotDBManager [1848 IndexerTPoolWorker-7] - closing hot mgr for idx=_introspection | |
| 01-30-2024 22:24:08.650 +0000 INFO HotDBManager [1846 IndexerTPoolWorker-5] - idx=_telemetry minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.650 +0000 INFO HotDBManager [1846 IndexerTPoolWorker-5] - idx=_telemetry Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=3 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=268435456 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.650 +0000 INFO HotDBManager [1846 IndexerTPoolWorker-5] - closing hot mgr for idx=_telemetry | |
| 01-30-2024 22:24:08.651 +0000 INFO HotDBManager [1841 IndexerTPoolWorker-0] - idx=_thefishbucket minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.651 +0000 INFO HotDBManager [1841 IndexerTPoolWorker-0] - idx=_thefishbucket Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=3 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=524288000 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.651 +0000 INFO HotDBManager [1847 IndexerTPoolWorker-6] - idx=_metrics minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.652 +0000 INFO HotDBManager [1847 IndexerTPoolWorker-6] - idx=_metrics Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=3 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=786432000 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.651 +0000 INFO HotDBManager [1845 IndexerTPoolWorker-4] - idx=main minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.652 +0000 INFO HotDBManager [1847 IndexerTPoolWorker-6] - closing hot mgr for idx=_metrics | |
| 01-30-2024 22:24:08.652 +0000 INFO HotDBManager [1845 IndexerTPoolWorker-4] - idx=main Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=10 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=10737418240 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.652 +0000 INFO HotDBManager [1844 IndexerTPoolWorker-3] - idx=history minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.652 +0000 INFO HotDBManager [1845 IndexerTPoolWorker-4] - closing hot mgr for idx=main | |
| 01-30-2024 22:24:08.652 +0000 INFO HotDBManager [1844 IndexerTPoolWorker-3] - idx=history Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=3 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=10485760 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.652 +0000 INFO HotDBManager [1841 IndexerTPoolWorker-0] - closing hot mgr for idx=_thefishbucket | |
| 01-30-2024 22:24:08.652 +0000 INFO HotDBManager [1844 IndexerTPoolWorker-3] - closing hot mgr for idx=history | |
| 01-30-2024 22:24:08.653 +0000 INFO IndexerService [1833 SplunkdSpecificInitThread] - Initializing indexes took usec=9030 reloading=false indexes_initialized=11 failed_to_init_indexes=0 | |
| 01-30-2024 22:24:08.653 +0000 INFO IndexerService [1833 SplunkdSpecificInitThread] - event=pruneStaleObjectsFromUploadJson with pendingUploadSize=0 | |
| 01-30-2024 22:24:08.653 +0000 INFO IndexerService [1833 SplunkdSpecificInitThread] - adjusting tb licenses | |
| 01-30-2024 22:24:08.658 +0000 INFO NoahHeartbeat [1833 SplunkdSpecificInitThread] - Finished initiating noah operations processor. thread_pool_name=noah_operations workers_count=4 is_test_mode= 0 | |
| 01-30-2024 22:24:08.659 +0000 INFO IntrospectionGenerator:disk_objects [1833 SplunkdSpecificInitThread] - Enabled: disk_objects=true indexes=true volumes=true dispatch=true fishbucket=true partitions=true summaries=true distributedIndexes=false | |
| 01-30-2024 22:24:08.659 +0000 INFO DiskMon [1833 SplunkdSpecificInitThread] - Looking up file system information about a directory that is not yet on the file system: /opt/splunk/var/lib/splunk/_configtracker/summary (this is normal when splunk is first starting up) | |
| 01-30-2024 22:24:08.659 +0000 INFO DiskMon [1833 SplunkdSpecificInitThread] - Looking up file system information about a directory that is not yet on the file system: /opt/splunk/var/lib/splunk/_internaldb/summary (this is normal when splunk is first starting up) | |
| 01-30-2024 22:24:08.660 +0000 INFO DiskMon [1833 SplunkdSpecificInitThread] - Looking up file system information about a directory that is not yet on the file system: /opt/splunk/var/lib/splunk/_introspection/summary (this is normal when splunk is first starting up) | |
| 01-30-2024 22:24:08.660 +0000 INFO DiskMon [1833 SplunkdSpecificInitThread] - Looking up file system information about a directory that is not yet on the file system: /opt/splunk/var/lib/splunk/_metrics/summary (this is normal when splunk is first starting up) | |
| 01-30-2024 22:24:08.660 +0000 INFO DiskMon [1833 SplunkdSpecificInitThread] - Looking up file system information about a directory that is not yet on the file system: /opt/splunk/var/lib/splunk/_metrics_rollup/summary (this is normal when splunk is first starting up) | |
| 01-30-2024 22:24:08.660 +0000 INFO DiskMon [1833 SplunkdSpecificInitThread] - Looking up file system information about a directory that is not yet on the file system: /opt/splunk/var/lib/splunk/_telemetry/summary (this is normal when splunk is first starting up) | |
| 01-30-2024 22:24:08.660 +0000 INFO DiskMon [1833 SplunkdSpecificInitThread] - Looking up file system information about a directory that is not yet on the file system: /opt/splunk/var/lib/splunk/audit/summary (this is normal when splunk is first starting up) | |
| 01-30-2024 22:24:08.660 +0000 INFO DiskMon [1833 SplunkdSpecificInitThread] - Looking up file system information about a directory that is not yet on the file system: /opt/splunk/var/lib/splunk/defaultdb/summary (this is normal when splunk is first starting up) | |
| 01-30-2024 22:24:08.660 +0000 INFO DiskMon [1833 SplunkdSpecificInitThread] - Looking up file system information about a directory that is not yet on the file system: /opt/splunk/var/lib/splunk/fishbucket/summary (this is normal when splunk is first starting up) | |
| 01-30-2024 22:24:08.660 +0000 INFO DiskMon [1833 SplunkdSpecificInitThread] - Looking up file system information about a directory that is not yet on the file system: /opt/splunk/var/lib/splunk/historydb/summary (this is normal when splunk is first starting up) | |
| 01-30-2024 22:24:08.660 +0000 INFO DiskMon [1833 SplunkdSpecificInitThread] - Looking up file system information about a directory that is not yet on the file system: /opt/splunk/var/lib/splunk/summarydb/summary (this is normal when splunk is first starting up) | |
| 01-30-2024 22:24:08.661 +0000 INFO IntrospectionGenerator:disk_objects [1833 SplunkdSpecificInitThread] - I-data gathering (Disk Objects) starting; period=600.000s | |
| 01-30-2024 22:24:08.661 +0000 INFO IntrospectionGenerator:disk_objects [1833 SplunkdSpecificInitThread] - Summaries gathering starting; period=1800.000, highfreqency=false | |
| 01-30-2024 22:24:08.661 +0000 INFO loader [1394 MainThread] - Initializing from configuration | |
| 01-30-2024 22:24:08.667 +0000 INFO TcpOutputProc [1867 indexerPipe] - found Whitelist forwardedindex.0.whitelist , RE : .* | |
| 01-30-2024 22:24:08.667 +0000 INFO TcpOutputProc [1867 indexerPipe] - found Blacklist forwardedindex.1.blacklist , RE : _.* | |
| 01-30-2024 22:24:08.667 +0000 INFO TcpOutputProc [1867 indexerPipe] - found Whitelist forwardedindex.2.whitelist , RE : (_audit|_internal|_introspection|_telemetry|_metrics|_metrics_rollup|_configtracker) | |
| 01-30-2024 22:24:08.684 +0000 INFO IndexProcessor [1867 indexerPipe] - Initializing: readonly=false reloading=false | |
| 01-30-2024 22:24:08.685 +0000 INFO IndexProcessor [1867 indexerPipe] - not starting rt router thread | |
| 01-30-2024 22:24:08.685 +0000 INFO HotDBManager [1867 indexerPipe] - idx=_audit minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.685 +0000 INFO HotDBManager [1867 indexerPipe] - idx=_audit Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=3 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=786432000 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.685 +0000 INFO HotDBManager [1867 indexerPipe] - closing hot mgr for idx=_audit | |
| 01-30-2024 22:24:08.686 +0000 INFO HotDBManager [1867 indexerPipe] - idx=_configtracker minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.686 +0000 INFO HotDBManager [1867 indexerPipe] - idx=_configtracker Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=3 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=786432000 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.686 +0000 INFO HotDBManager [1867 indexerPipe] - closing hot mgr for idx=_configtracker | |
| 01-30-2024 22:24:08.686 +0000 INFO HotDBManager [1867 indexerPipe] - idx=_internal minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.686 +0000 INFO HotDBManager [1867 indexerPipe] - idx=_internal Setting hot mgr params: maxHotSpanSecs=432000 maxHotBuckets=3 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=1048576000 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.686 +0000 INFO HotDBManager [1867 indexerPipe] - closing hot mgr for idx=_internal | |
| 01-30-2024 22:24:08.686 +0000 INFO HotDBManager [1867 indexerPipe] - idx=_introspection minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.686 +0000 INFO HotDBManager [1867 indexerPipe] - idx=_introspection Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=3 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=1073741824 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.686 +0000 INFO HotDBManager [1867 indexerPipe] - closing hot mgr for idx=_introspection | |
| 01-30-2024 22:24:08.686 +0000 INFO HotDBManager [1867 indexerPipe] - idx=_metrics minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.686 +0000 INFO HotDBManager [1867 indexerPipe] - idx=_metrics Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=6 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=786432000 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.686 +0000 INFO HotDBManager [1867 indexerPipe] - closing hot mgr for idx=_metrics | |
| 01-30-2024 22:24:08.686 +0000 INFO HotDBManager [1867 indexerPipe] - idx=_metrics_rollup minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.686 +0000 INFO HotDBManager [1867 indexerPipe] - idx=_metrics_rollup Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=6 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=786432000 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.686 +0000 INFO HotDBManager [1867 indexerPipe] - closing hot mgr for idx=_metrics_rollup | |
| 01-30-2024 22:24:08.686 +0000 INFO IndexWriter [1842 IndexerTPoolWorker-1] - idx=_configtracker, Initializing, params='[300,period=60.000,frozenTimePeriodInSecs=2592000.000,coldToFrozenScript=,coldToFrozenPythonVersion=unspecified,coldToFrozenDir=,warmToColdScript=,maxHotBucketSize=786432000,optimizeEvery=5.000,syncMeta=true,maxTotalDataSizeMB=500000,maxGlobalRawDataSizeMB=0,maxGlobalDataSizeMB=0,maxMemoryAllocationPerHotSliceMB=5,addressCompressBits=5,isReadOnly=false,maxMergizzles=6,maxHotSpanSecs=7776000.000,maxMetadataEntries=1000000,maxHotIdleSecs=0.000,maxHotBuckets=3,maxMetricHotBuckets=6,minHotIdleSecsBeforeForceRoll=0.000,quarantinePastSecs=77760000.000,quarantineFutureSecs=2592000.000,maxSliceSize=131072,serviceMetaPeriod=25.000,partialServiceMetaPeriod=0.000,throttleCheckPeriod=15.000,homePath_maxDataSizeBytes=0,coldPath_maxDataSizeBytes=0,compressionType=zstd,lz4BlockSize=65536,compressionLevel=7,fsyncInterval=18446744073709551.615,maxBloomBackfillBucketAge_secs=2592000.000,enableOnlineBucketRepair=true,enableDataIntegrityControl=false,maxUnreplicatedMsecWithAcks=60000,maxUnreplacatedMsecNoAcks=300000,alwaysBloomBackfill=false,minStreamGroupQueueSize=2000,streamingTargetTsidxSyncPeriodMsec=5000,repFactor=0,hotBucketTimeRefreshInterval=10,enableTsidxReduction=0,suspendHotRollByDeleteQuery0,tsidxReductionCheckPeriodInSec=600.000,timePeriodInSecBeforeTsidxReduction=604800.000,remoteVolume=,remotePath=,splitByIndexKeys=,metricSplitByIndexKeys=,dataType=event,serviceInactiveIndexesPeriod=60,tsidxWritingLevel=3,metric.enableFloatingPointCompression=true,metric.compressionBlockSize=1024,metric.stubOutRawdataJournal=true,metric.timestampResolution=s,archiver.selfStorageProvider,archiver.selfStorageBucket,archiver.selfStorageBucketFolder,archiver.enableDataArchive=false,archiver.maxDataArchiveRetentionPeriod=0.000,archiver.coldStorageProvider=,hotBucketStreaming.removeRemoteSlicesOnRoll=0,hotBucketStreaming.removeRemoteSlicesOnFreeze=0,hotBucketStreaming.reportStatus=0,hotBucketStreaming.deleteHotsAfterRestart=0,hotBucketStreaming.sendSlices=0,tsidxdDedupPostingsListMaxTermsLimit=8388608,tsidxTargetSizeMB=1500,metric.tsidxTargetSizeMB=1500,waitPeriodInSecsForManifestWrite=60.000,hotlistRecency=18446744073709551.615,hotlistBloomRecency=18446744073709551.615,deleteId=0,rollCachedBucketsToColdEnabled=0]' isPeer=false | |
| 01-30-2024 22:24:08.686 +0000 INFO IndexWriter [1842 IndexerTPoolWorker-1] - openDatabases complete currentId=-1 idx=_configtracker | |
| 01-30-2024 22:24:08.686 +0000 INFO IndexWriter [1842 IndexerTPoolWorker-1] - idx=_introspection, Initializing, params='[300,period=60.000,frozenTimePeriodInSecs=1209600.000,coldToFrozenScript=,coldToFrozenPythonVersion=unspecified,coldToFrozenDir=,warmToColdScript=,maxHotBucketSize=1073741824,optimizeEvery=5.000,syncMeta=true,maxTotalDataSizeMB=500000,maxGlobalRawDataSizeMB=0,maxGlobalDataSizeMB=0,maxMemoryAllocationPerHotSliceMB=5,addressCompressBits=5,isReadOnly=false,maxMergizzles=6,maxHotSpanSecs=7776000.000,maxMetadataEntries=1000000,maxHotIdleSecs=0.000,maxHotBuckets=3,maxMetricHotBuckets=6,minHotIdleSecsBeforeForceRoll=0.000,quarantinePastSecs=77760000.000,quarantineFutureSecs=2592000.000,maxSliceSize=131072,serviceMetaPeriod=25.000,partialServiceMetaPeriod=0.000,throttleCheckPeriod=15.000,homePath_maxDataSizeBytes=0,coldPath_maxDataSizeBytes=0,compressionType=zstd,lz4BlockSize=65536,compressionLevel=7,fsyncInterval=18446744073709551.615,maxBloomBackfillBucketAge_secs=2592000.000,enableOnlineBucketRepair=true,enableDataIntegrityControl=false,maxUnreplicatedMsecWithAcks=60000,maxUnreplacatedMsecNoAcks=300000,alwaysBloomBackfill=false,minStreamGroupQueueSize=2000,streamingTargetTsidxSyncPeriodMsec=5000,repFactor=0,hotBucketTimeRefreshInterval=10,enableTsidxReduction=0,suspendHotRollByDeleteQuery0,tsidxReductionCheckPeriodInSec=600.000,timePeriodInSecBeforeTsidxReduction=604800.000,remoteVolume=,remotePath=,splitByIndexKeys=,metricSplitByIndexKeys=,dataType=event,serviceInactiveIndexesPeriod=60,tsidxWritingLevel=3,metric.enableFloatingPointCompression=true,metric.compressionBlockSize=1024,metric.stubOutRawdataJournal=true,metric.timestampResolution=s,archiver.selfStorageProvider,archiver.selfStorageBucket,archiver.selfStorageBucketFolder,archiver.enableDataArchive=false,archiver.maxDataArchiveRetentionPeriod=0.000,archiver.coldStorageProvider=,hotBucketStreaming.removeRemoteSlicesOnRoll=0,hotBucketStreaming.removeRemoteSlicesOnFreeze=0,hotBucketStreaming.reportStatus=0,hotBucketStreaming.deleteHotsAfterRestart=0,hotBucketStreaming.sendSlices=0,tsidxdDedupPostingsListMaxTermsLimit=8388608,tsidxTargetSizeMB=1500,metric.tsidxTargetSizeMB=1500,waitPeriodInSecsForManifestWrite=60.000,hotlistRecency=18446744073709551.615,hotlistBloomRecency=18446744073709551.615,deleteId=0,rollCachedBucketsToColdEnabled=0]' isPeer=false | |
| 01-30-2024 22:24:08.686 +0000 INFO IndexWriter [1842 IndexerTPoolWorker-1] - openDatabases complete currentId=-1 idx=_introspection | |
| 01-30-2024 22:24:08.686 +0000 INFO IndexWriter [1842 IndexerTPoolWorker-1] - idx=_metrics, Initializing, params='[300,period=60.000,frozenTimePeriodInSecs=1209600.000,coldToFrozenScript=,coldToFrozenPythonVersion=unspecified,coldToFrozenDir=,warmToColdScript=,maxHotBucketSize=786432000,optimizeEvery=5.000,syncMeta=true,maxTotalDataSizeMB=500000,maxGlobalRawDataSizeMB=0,maxGlobalDataSizeMB=0,maxMemoryAllocationPerHotSliceMB=5,addressCompressBits=5,isReadOnly=false,maxMergizzles=6,maxHotSpanSecs=7776000.000,maxMetadataEntries=1000000,maxHotIdleSecs=0.000,maxHotBuckets=3,maxMetricHotBuckets=6,minHotIdleSecsBeforeForceRoll=0.000,quarantinePastSecs=77760000.000,quarantineFutureSecs=2592000.000,maxSliceSize=131072,serviceMetaPeriod=25.000,partialServiceMetaPeriod=0.000,throttleCheckPeriod=15.000,homePath_maxDataSizeBytes=0,coldPath_maxDataSizeBytes=0,compressionType=zstd,lz4BlockSize=65536,compressionLevel=7,fsyncInterval=18446744073709551.615,maxBloomBackfillBucketAge_secs=2592000.000,enableOnlineBucketRepair=true,enableDataIntegrityControl=false,maxUnreplicatedMsecWithAcks=60000,maxUnreplacatedMsecNoAcks=300000,alwaysBloomBackfill=false,minStreamGroupQueueSize=2000,streamingTargetTsidxSyncPeriodMsec=5000,repFactor=0,hotBucketTimeRefreshInterval=10,enableTsidxReduction=0,suspendHotRollByDeleteQuery0,tsidxReductionCheckPeriodInSec=600.000,timePeriodInSecBeforeTsidxReduction=604800.000,remoteVolume=,remotePath=,splitByIndexKeys=,metricSplitByIndexKeys=metric_name,dataType=metric,serviceInactiveIndexesPeriod=60,tsidxWritingLevel=3,metric.enableFloatingPointCompression=true,metric.compressionBlockSize=1024,metric.stubOutRawdataJournal=true,metric.timestampResolution=s,archiver.selfStorageProvider,archiver.selfStorageBucket,archiver.selfStorageBucketFolder,archiver.enableDataArchive=false,archiver.maxDataArchiveRetentionPeriod=0.000,archiver.coldStorageProvider=,hotBucketStreaming.removeRemoteSlicesOnRoll=0,hotBucketStreaming.removeRemoteSlicesOnFreeze=0,hotBucketStreaming.reportStatus=0,hotBucketStreaming.deleteHotsAfterRestart=0,hotBucketStreaming.sendSlices=0,tsidxdDedupPostingsListMaxTermsLimit=8388608,tsidxTargetSizeMB=1500,metric.tsidxTargetSizeMB=1500,waitPeriodInSecsForManifestWrite=60.000,hotlistRecency=18446744073709551.615,hotlistBloomRecency=18446744073709551.615,deleteId=0,rollCachedBucketsToColdEnabled=0]' isPeer=false | |
| 01-30-2024 22:24:08.686 +0000 INFO IndexWriter [1842 IndexerTPoolWorker-1] - openDatabases complete currentId=-1 idx=_metrics | |
| 01-30-2024 22:24:08.686 +0000 INFO IndexWriter [1842 IndexerTPoolWorker-1] - idx=_metrics_rollup, Initializing, params='[300,period=60.000,frozenTimePeriodInSecs=63072000.000,coldToFrozenScript=,coldToFrozenPythonVersion=unspecified,coldToFrozenDir=,warmToColdScript=,maxHotBucketSize=786432000,optimizeEvery=5.000,syncMeta=true,maxTotalDataSizeMB=500000,maxGlobalRawDataSizeMB=0,maxGlobalDataSizeMB=0,maxMemoryAllocationPerHotSliceMB=5,addressCompressBits=5,isReadOnly=false,maxMergizzles=6,maxHotSpanSecs=7776000.000,maxMetadataEntries=1000000,maxHotIdleSecs=0.000,maxHotBuckets=3,maxMetricHotBuckets=6,minHotIdleSecsBeforeForceRoll=0.000,quarantinePastSecs=77760000.000,quarantineFutureSecs=2592000.000,maxSliceSize=131072,serviceMetaPeriod=25.000,partialServiceMetaPeriod=0.000,throttleCheckPeriod=15.000,homePath_maxDataSizeBytes=0,coldPath_maxDataSizeBytes=0,compressionType=zstd,lz4BlockSize=65536,compressionLevel=7,fsyncInterval=18446744073709551.615,maxBloomBackfillBucketAge_secs=2592000.000,enableOnlineBucketRepair=true,enableDataIntegrityControl=false,maxUnreplicatedMsecWithAcks=60000,maxUnreplacatedMsecNoAcks=300000,alwaysBloomBackfill=false,minStreamGroupQueueSize=2000,streamingTargetTsidxSyncPeriodMsec=5000,repFactor=0,hotBucketTimeRefreshInterval=10,enableTsidxReduction=0,suspendHotRollByDeleteQuery0,tsidxReductionCheckPeriodInSec=600.000,timePeriodInSecBeforeTsidxReduction=604800.000,remoteVolume=,remotePath=,splitByIndexKeys=,metricSplitByIndexKeys=metric_name,dataType=metric,serviceInactiveIndexesPeriod=60,tsidxWritingLevel=3,metric.enableFloatingPointCompression=true,metric.compressionBlockSize=1024,metric.stubOutRawdataJournal=true,metric.timestampResolution=s,archiver.selfStorageProvider,archiver.selfStorageBucket,archiver.selfStorageBucketFolder,archiver.enableDataArchive=false,archiver.maxDataArchiveRetentionPeriod=0.000,archiver.coldStorageProvider=,hotBucketStreaming.removeRemoteSlicesOnRoll=0,hotBucketStreaming.removeRemoteSlicesOnFreeze=0,hotBucketStreaming.reportStatus=0,hotBucketStreaming.deleteHotsAfterRestart=0,hotBucketStreaming.sendSlices=0,tsidxdDedupPostingsListMaxTermsLimit=8388608,tsidxTargetSizeMB=1500,metric.tsidxTargetSizeMB=1500,waitPeriodInSecsForManifestWrite=60.000,hotlistRecency=18446744073709551.615,hotlistBloomRecency=18446744073709551.615,deleteId=0,rollCachedBucketsToColdEnabled=0]' isPeer=false | |
| 01-30-2024 22:24:08.687 +0000 INFO IndexWriter [1842 IndexerTPoolWorker-1] - openDatabases complete currentId=-1 idx=_metrics_rollup | |
| 01-30-2024 22:24:08.686 +0000 INFO HotDBManager [1867 indexerPipe] - idx=_telemetry minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.686 +0000 INFO IndexWriter [1844 IndexerTPoolWorker-3] - idx=_audit, Initializing, params='[300,period=60.000,frozenTimePeriodInSecs=188697600.000,coldToFrozenScript=,coldToFrozenPythonVersion=unspecified,coldToFrozenDir=,warmToColdScript=,maxHotBucketSize=786432000,optimizeEvery=5.000,syncMeta=true,maxTotalDataSizeMB=500000,maxGlobalRawDataSizeMB=0,maxGlobalDataSizeMB=0,maxMemoryAllocationPerHotSliceMB=5,addressCompressBits=5,isReadOnly=false,maxMergizzles=6,maxHotSpanSecs=7776000.000,maxMetadataEntries=1000000,maxHotIdleSecs=0.000,maxHotBuckets=3,maxMetricHotBuckets=6,minHotIdleSecsBeforeForceRoll=0.000,quarantinePastSecs=77760000.000,quarantineFutureSecs=2592000.000,maxSliceSize=131072,serviceMetaPeriod=25.000,partialServiceMetaPeriod=0.000,throttleCheckPeriod=15.000,homePath_maxDataSizeBytes=0,coldPath_maxDataSizeBytes=0,compressionType=zstd,lz4BlockSize=65536,compressionLevel=7,fsyncInterval=18446744073709551.615,maxBloomBackfillBucketAge_secs=2592000.000,enableOnlineBucketRepair=true,enableDataIntegrityControl=false,maxUnreplicatedMsecWithAcks=60000,maxUnreplacatedMsecNoAcks=300000,alwaysBloomBackfill=false,minStreamGroupQueueSize=2000,streamingTargetTsidxSyncPeriodMsec=5000,repFactor=0,hotBucketTimeRefreshInterval=10,enableTsidxReduction=0,suspendHotRollByDeleteQuery0,tsidxReductionCheckPeriodInSec=600.000,timePeriodInSecBeforeTsidxReduction=604800.000,remoteVolume=,remotePath=,splitByIndexKeys=,metricSplitByIndexKeys=,dataType=event,serviceInactiveIndexesPeriod=60,tsidxWritingLevel=3,metric.enableFloatingPointCompression=true,metric.compressionBlockSize=1024,metric.stubOutRawdataJournal=true,metric.timestampResolution=s,archiver.selfStorageProvider,archiver.selfStorageBucket,archiver.selfStorageBucketFolder,archiver.enableDataArchive=false,archiver.maxDataArchiveRetentionPeriod=0.000,archiver.coldStorageProvider=,hotBucketStreaming.removeRemoteSlicesOnRoll=0,hotBucketStreaming.removeRemoteSlicesOnFreeze=0,hotBucketStreaming.reportStatus=0,hotBucketStreaming.deleteHotsAfterRestart=0,hotBucketStreaming.sendSlices=0,tsidxdDedupPostingsListMaxTermsLimit=8388608,tsidxTargetSizeMB=1500,metric.tsidxTargetSizeMB=1500,waitPeriodInSecsForManifestWrite=60.000,hotlistRecency=18446744073709551.615,hotlistBloomRecency=18446744073709551.615,deleteId=0,rollCachedBucketsToColdEnabled=0]' isPeer=false | |
| 01-30-2024 22:24:08.687 +0000 INFO HotDBManager [1867 indexerPipe] - idx=_telemetry Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=3 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=268435456 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.687 +0000 INFO HotDBManager [1867 indexerPipe] - closing hot mgr for idx=_telemetry | |
| 01-30-2024 22:24:08.687 +0000 INFO IndexWriter [1844 IndexerTPoolWorker-3] - openDatabases complete currentId=-1 idx=_audit | |
| 01-30-2024 22:24:08.686 +0000 INFO IndexWriter [1841 IndexerTPoolWorker-0] - idx=_internal, Initializing, params='[300,period=60.000,frozenTimePeriodInSecs=2592000.000,coldToFrozenScript=,coldToFrozenPythonVersion=unspecified,coldToFrozenDir=,warmToColdScript=,maxHotBucketSize=1048576000,optimizeEvery=5.000,syncMeta=true,maxTotalDataSizeMB=500000,maxGlobalRawDataSizeMB=0,maxGlobalDataSizeMB=0,maxMemoryAllocationPerHotSliceMB=5,addressCompressBits=5,isReadOnly=false,maxMergizzles=6,maxHotSpanSecs=432000.000,maxMetadataEntries=1000000,maxHotIdleSecs=0.000,maxHotBuckets=3,maxMetricHotBuckets=6,minHotIdleSecsBeforeForceRoll=0.000,quarantinePastSecs=77760000.000,quarantineFutureSecs=2592000.000,maxSliceSize=131072,serviceMetaPeriod=25.000,partialServiceMetaPeriod=0.000,throttleCheckPeriod=15.000,homePath_maxDataSizeBytes=0,coldPath_maxDataSizeBytes=0,compressionType=zstd,lz4BlockSize=65536,compressionLevel=7,fsyncInterval=18446744073709551.615,maxBloomBackfillBucketAge_secs=2592000.000,enableOnlineBucketRepair=true,enableDataIntegrityControl=false,maxUnreplicatedMsecWithAcks=60000,maxUnreplacatedMsecNoAcks=300000,alwaysBloomBackfill=false,minStreamGroupQueueSize=2000,streamingTargetTsidxSyncPeriodMsec=5000,repFactor=0,hotBucketTimeRefreshInterval=10,enableTsidxReduction=0,suspendHotRollByDeleteQuery0,tsidxReductionCheckPeriodInSec=600.000,timePeriodInSecBeforeTsidxReduction=604800.000,remoteVolume=,remotePath=,splitByIndexKeys=,metricSplitByIndexKeys=,dataType=event,serviceInactiveIndexesPeriod=60,tsidxWritingLevel=3,metric.enableFloatingPointCompression=true,metric.compressionBlockSize=1024,metric.stubOutRawdataJournal=true,metric.timestampResolution=s,archiver.selfStorageProvider,archiver.selfStorageBucket,archiver.selfStorageBucketFolder,archiver.enableDataArchive=false,archiver.maxDataArchiveRetentionPeriod=0.000,archiver.coldStorageProvider=,hotBucketStreaming.removeRemoteSlicesOnRoll=0,hotBucketStreaming.removeRemoteSlicesOnFreeze=0,hotBucketStreaming.reportStatus=0,hotBucketStreaming.deleteHotsAfterRestart=0,hotBucketStreaming.sendSlices=0,tsidxdDedupPostingsListMaxTermsLimit=8388608,tsidxTargetSizeMB=1500,metric.tsidxTargetSizeMB=1500,waitPeriodInSecsForManifestWrite=60.000,hotlistRecency=18446744073709551.615,hotlistBloomRecency=18446744073709551.615,deleteId=0,rollCachedBucketsToColdEnabled=0]' isPeer=false | |
| 01-30-2024 22:24:08.687 +0000 INFO IndexWriter [1841 IndexerTPoolWorker-0] - openDatabases complete currentId=-1 idx=_internal | |
| 01-30-2024 22:24:08.688 +0000 INFO HotDBManager [1867 indexerPipe] - idx=_thefishbucket minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.688 +0000 INFO HotDBManager [1867 indexerPipe] - idx=_thefishbucket Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=3 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=524288000 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.688 +0000 INFO HotDBManager [1867 indexerPipe] - closing hot mgr for idx=_thefishbucket | |
| 01-30-2024 22:24:08.688 +0000 INFO HotDBManager [1867 indexerPipe] - idx=history minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.688 +0000 INFO HotDBManager [1867 indexerPipe] - idx=history Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=3 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=10485760 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.688 +0000 INFO HotDBManager [1867 indexerPipe] - closing hot mgr for idx=history | |
| 01-30-2024 22:24:08.688 +0000 INFO HotDBManager [1867 indexerPipe] - idx=main minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.688 +0000 INFO IndexWriter [1847 IndexerTPoolWorker-6] - idx=_telemetry, Initializing, params='[300,period=60.000,frozenTimePeriodInSecs=63072000.000,coldToFrozenScript=,coldToFrozenPythonVersion=unspecified,coldToFrozenDir=,warmToColdScript=,maxHotBucketSize=268435456,optimizeEvery=5.000,syncMeta=true,maxTotalDataSizeMB=500000,maxGlobalRawDataSizeMB=0,maxGlobalDataSizeMB=0,maxMemoryAllocationPerHotSliceMB=5,addressCompressBits=5,isReadOnly=false,maxMergizzles=6,maxHotSpanSecs=7776000.000,maxMetadataEntries=1000000,maxHotIdleSecs=0.000,maxHotBuckets=3,maxMetricHotBuckets=6,minHotIdleSecsBeforeForceRoll=0.000,quarantinePastSecs=77760000.000,quarantineFutureSecs=2592000.000,maxSliceSize=131072,serviceMetaPeriod=25.000,partialServiceMetaPeriod=0.000,throttleCheckPeriod=15.000,homePath_maxDataSizeBytes=0,coldPath_maxDataSizeBytes=0,compressionType=zstd,lz4BlockSize=65536,compressionLevel=7,fsyncInterval=18446744073709551.615,maxBloomBackfillBucketAge_secs=2592000.000,enableOnlineBucketRepair=true,enableDataIntegrityControl=false,maxUnreplicatedMsecWithAcks=60000,maxUnreplacatedMsecNoAcks=300000,alwaysBloomBackfill=false,minStreamGroupQueueSize=2000,streamingTargetTsidxSyncPeriodMsec=5000,repFactor=0,hotBucketTimeRefreshInterval=10,enableTsidxReduction=0,suspendHotRollByDeleteQuery0,tsidxReductionCheckPeriodInSec=600.000,timePeriodInSecBeforeTsidxReduction=604800.000,remoteVolume=,remotePath=,splitByIndexKeys=,metricSplitByIndexKeys=,dataType=event,serviceInactiveIndexesPeriod=60,tsidxWritingLevel=3,metric.enableFloatingPointCompression=true,metric.compressionBlockSize=1024,metric.stubOutRawdataJournal=true,metric.timestampResolution=s,archiver.selfStorageProvider,archiver.selfStorageBucket,archiver.selfStorageBucketFolder,archiver.enableDataArchive=false,archiver.maxDataArchiveRetentionPeriod=0.000,archiver.coldStorageProvider=,hotBucketStreaming.removeRemoteSlicesOnRoll=0,hotBucketStreaming.removeRemoteSlicesOnFreeze=0,hotBucketStreaming.reportStatus=0,hotBucketStreaming.deleteHotsAfterRestart=0,hotBucketStreaming.sendSlices=0,tsidxdDedupPostingsListMaxTermsLimit=8388608,tsidxTargetSizeMB=1500,metric.tsidxTargetSizeMB=1500,waitPeriodInSecsForManifestWrite=60.000,hotlistRecency=18446744073709551.615,hotlistBloomRecency=18446744073709551.615,deleteId=0,rollCachedBucketsToColdEnabled=0]' isPeer=false | |
| 01-30-2024 22:24:08.688 +0000 INFO HotDBManager [1867 indexerPipe] - idx=main Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=10 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=10737418240 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.688 +0000 INFO HotDBManager [1867 indexerPipe] - closing hot mgr for idx=main | |
| 01-30-2024 22:24:08.688 +0000 INFO IndexWriter [1847 IndexerTPoolWorker-6] - openDatabases complete currentId=-1 idx=_telemetry | |
| 01-30-2024 22:24:08.688 +0000 INFO IndexWriter [1842 IndexerTPoolWorker-1] - idx=history, Initializing, params='[300,period=60.000,frozenTimePeriodInSecs=604800.000,coldToFrozenScript=,coldToFrozenPythonVersion=unspecified,coldToFrozenDir=,warmToColdScript=,maxHotBucketSize=10485760,optimizeEvery=5.000,syncMeta=true,maxTotalDataSizeMB=500000,maxGlobalRawDataSizeMB=0,maxGlobalDataSizeMB=0,maxMemoryAllocationPerHotSliceMB=5,addressCompressBits=5,isReadOnly=false,maxMergizzles=6,maxHotSpanSecs=7776000.000,maxMetadataEntries=1000000,maxHotIdleSecs=0.000,maxHotBuckets=3,maxMetricHotBuckets=6,minHotIdleSecsBeforeForceRoll=0.000,quarantinePastSecs=77760000.000,quarantineFutureSecs=2592000.000,maxSliceSize=131072,serviceMetaPeriod=25.000,partialServiceMetaPeriod=0.000,throttleCheckPeriod=15.000,homePath_maxDataSizeBytes=0,coldPath_maxDataSizeBytes=0,compressionType=zstd,lz4BlockSize=65536,compressionLevel=7,fsyncInterval=18446744073709551.615,maxBloomBackfillBucketAge_secs=2592000.000,enableOnlineBucketRepair=true,enableDataIntegrityControl=false,maxUnreplicatedMsecWithAcks=60000,maxUnreplacatedMsecNoAcks=300000,alwaysBloomBackfill=false,minStreamGroupQueueSize=2000,streamingTargetTsidxSyncPeriodMsec=5000,repFactor=0,hotBucketTimeRefreshInterval=10,enableTsidxReduction=0,suspendHotRollByDeleteQuery0,tsidxReductionCheckPeriodInSec=600.000,timePeriodInSecBeforeTsidxReduction=604800.000,remoteVolume=,remotePath=,splitByIndexKeys=,metricSplitByIndexKeys=,dataType=event,serviceInactiveIndexesPeriod=60,tsidxWritingLevel=3,metric.enableFloatingPointCompression=true,metric.compressionBlockSize=1024,metric.stubOutRawdataJournal=true,metric.timestampResolution=s,archiver.selfStorageProvider,archiver.selfStorageBucket,archiver.selfStorageBucketFolder,archiver.enableDataArchive=false,archiver.maxDataArchiveRetentionPeriod=0.000,archiver.coldStorageProvider=,hotBucketStreaming.removeRemoteSlicesOnRoll=0,hotBucketStreaming.removeRemoteSlicesOnFreeze=0,hotBucketStreaming.reportStatus=0,hotBucketStreaming.deleteHotsAfterRestart=0,hotBucketStreaming.sendSlices=0,tsidxdDedupPostingsListMaxTermsLimit=8388608,tsidxTargetSizeMB=1500,metric.tsidxTargetSizeMB=1500,waitPeriodInSecsForManifestWrite=60.000,hotlistRecency=18446744073709551.615,hotlistBloomRecency=18446744073709551.615,deleteId=0,rollCachedBucketsToColdEnabled=0]' isPeer=false | |
| 01-30-2024 22:24:08.688 +0000 INFO IndexWriter [1842 IndexerTPoolWorker-1] - openDatabases complete currentId=-1 idx=history | |
| 01-30-2024 22:24:08.688 +0000 INFO IndexWriter [1843 IndexerTPoolWorker-2] - idx=_thefishbucket, Initializing, params='[300,period=60.000,frozenTimePeriodInSecs=2419200.000,coldToFrozenScript=,coldToFrozenPythonVersion=unspecified,coldToFrozenDir=,warmToColdScript=,maxHotBucketSize=524288000,optimizeEvery=5.000,syncMeta=true,maxTotalDataSizeMB=500000,maxGlobalRawDataSizeMB=0,maxGlobalDataSizeMB=0,maxMemoryAllocationPerHotSliceMB=5,addressCompressBits=5,isReadOnly=false,maxMergizzles=6,maxHotSpanSecs=7776000.000,maxMetadataEntries=1000000,maxHotIdleSecs=0.000,maxHotBuckets=3,maxMetricHotBuckets=6,minHotIdleSecsBeforeForceRoll=0.000,quarantinePastSecs=77760000.000,quarantineFutureSecs=2592000.000,maxSliceSize=131072,serviceMetaPeriod=25.000,partialServiceMetaPeriod=0.000,throttleCheckPeriod=15.000,homePath_maxDataSizeBytes=0,coldPath_maxDataSizeBytes=0,compressionType=zstd,lz4BlockSize=65536,compressionLevel=7,fsyncInterval=18446744073709551.615,maxBloomBackfillBucketAge_secs=2592000.000,enableOnlineBucketRepair=true,enableDataIntegrityControl=false,maxUnreplicatedMsecWithAcks=60000,maxUnreplacatedMsecNoAcks=300000,alwaysBloomBackfill=false,minStreamGroupQueueSize=2000,streamingTargetTsidxSyncPeriodMsec=5000,repFactor=0,hotBucketTimeRefreshInterval=10,enableTsidxReduction=0,suspendHotRollByDeleteQuery0,tsidxReductionCheckPeriodInSec=600.000,timePeriodInSecBeforeTsidxReduction=604800.000,remoteVolume=,remotePath=,splitByIndexKeys=,metricSplitByIndexKeys=,dataType=event,serviceInactiveIndexesPeriod=60,tsidxWritingLevel=3,metric.enableFloatingPointCompression=true,metric.compressionBlockSize=1024,metric.stubOutRawdataJournal=true,metric.timestampResolution=s,archiver.selfStorageProvider,archiver.selfStorageBucket,archiver.selfStorageBucketFolder,archiver.enableDataArchive=false,archiver.maxDataArchiveRetentionPeriod=0.000,archiver.coldStorageProvider=,hotBucketStreaming.removeRemoteSlicesOnRoll=0,hotBucketStreaming.removeRemoteSlicesOnFreeze=0,hotBucketStreaming.reportStatus=0,hotBucketStreaming.deleteHotsAfterRestart=0,hotBucketStreaming.sendSlices=0,tsidxdDedupPostingsListMaxTermsLimit=8388608,tsidxTargetSizeMB=1500,metric.tsidxTargetSizeMB=1500,waitPeriodInSecsForManifestWrite=60.000,hotlistRecency=18446744073709551.615,hotlistBloomRecency=18446744073709551.615,deleteId=0,rollCachedBucketsToColdEnabled=0]' isPeer=false | |
| 01-30-2024 22:24:08.689 +0000 INFO IndexWriter [1843 IndexerTPoolWorker-2] - openDatabases complete currentId=-1 idx=_thefishbucket | |
| 01-30-2024 22:24:08.688 +0000 INFO HotDBManager [1867 indexerPipe] - idx=summary minHotIdleSecsBeforeForceRoll=auto; initializing, current value=600 | |
| 01-30-2024 22:24:08.689 +0000 INFO HotDBManager [1867 indexerPipe] - idx=summary Setting hot mgr params: maxHotSpanSecs=7776000 maxHotBuckets=3 minHotIdleSecsBeforeForceRoll=auto maxDataSizeBytes=786432000 quarantinePastSecs=77760000 quarantineFutureSecs=2592000 | |
| 01-30-2024 22:24:08.689 +0000 INFO HotDBManager [1867 indexerPipe] - closing hot mgr for idx=summary | |
| 01-30-2024 22:24:08.689 +0000 INFO IndexWriter [1848 IndexerTPoolWorker-7] - idx=main, Initializing, params='[300,period=60.000,frozenTimePeriodInSecs=188697600.000,coldToFrozenScript=,coldToFrozenPythonVersion=unspecified,coldToFrozenDir=,warmToColdScript=,maxHotBucketSize=10737418240,optimizeEvery=5.000,syncMeta=true,maxTotalDataSizeMB=500000,maxGlobalRawDataSizeMB=0,maxGlobalDataSizeMB=0,maxMemoryAllocationPerHotSliceMB=20,addressCompressBits=5,isReadOnly=false,maxMergizzles=6,maxHotSpanSecs=7776000.000,maxMetadataEntries=1000000,maxHotIdleSecs=86400.000,maxHotBuckets=10,maxMetricHotBuckets=6,minHotIdleSecsBeforeForceRoll=0.000,quarantinePastSecs=77760000.000,quarantineFutureSecs=2592000.000,maxSliceSize=131072,serviceMetaPeriod=25.000,partialServiceMetaPeriod=0.000,throttleCheckPeriod=15.000,homePath_maxDataSizeBytes=0,coldPath_maxDataSizeBytes=0,compressionType=zstd,lz4BlockSize=65536,compressionLevel=7,fsyncInterval=18446744073709551.615,maxBloomBackfillBucketAge_secs=2592000.000,enableOnlineBucketRepair=true,enableDataIntegrityControl=false,maxUnreplicatedMsecWithAcks=60000,maxUnreplacatedMsecNoAcks=300000,alwaysBloomBackfill=false,minStreamGroupQueueSize=2000,streamingTargetTsidxSyncPeriodMsec=5000,repFactor=0,hotBucketTimeRefreshInterval=10,enableTsidxReduction=0,suspendHotRollByDeleteQuery0,tsidxReductionCheckPeriodInSec=600.000,timePeriodInSecBeforeTsidxReduction=604800.000,remoteVolume=,remotePath=,splitByIndexKeys=,metricSplitByIndexKeys=,dataType=event,serviceInactiveIndexesPeriod=60,tsidxWritingLevel=3,metric.enableFloatingPointCompression=true,metric.compressionBlockSize=1024,metric.stubOutRawdataJournal=true,metric.timestampResolution=s,archiver.selfStorageProvider,archiver.selfStorageBucket,archiver.selfStorageBucketFolder,archiver.enableDataArchive=false,archiver.maxDataArchiveRetentionPeriod=0.000,archiver.coldStorageProvider=,hotBucketStreaming.removeRemoteSlicesOnRoll=0,hotBucketStreaming.removeRemoteSlicesOnFreeze=0,hotBucketStreaming.reportStatus=0,hotBucketStreaming.deleteHotsAfterRestart=0,hotBucketStreaming.sendSlices=0,tsidxdDedupPostingsListMaxTermsLimit=8388608,tsidxTargetSizeMB=1500,metric.tsidxTargetSizeMB=1500,waitPeriodInSecsForManifestWrite=60.000,hotlistRecency=18446744073709551.615,hotlistBloomRecency=18446744073709551.615,deleteId=0,rollCachedBucketsToColdEnabled=0]' isPeer=false | |
| 01-30-2024 22:24:08.689 +0000 INFO IndexWriter [1848 IndexerTPoolWorker-7] - openDatabases complete currentId=-1 idx=main | |
| 01-30-2024 22:24:08.689 +0000 INFO IndexWriter [1843 IndexerTPoolWorker-2] - idx=summary, Initializing, params='[300,period=60.000,frozenTimePeriodInSecs=188697600.000,coldToFrozenScript=,coldToFrozenPythonVersion=unspecified,coldToFrozenDir=,warmToColdScript=,maxHotBucketSize=786432000,optimizeEvery=5.000,syncMeta=true,maxTotalDataSizeMB=500000,maxGlobalRawDataSizeMB=0,maxGlobalDataSizeMB=0,maxMemoryAllocationPerHotSliceMB=5,addressCompressBits=5,isReadOnly=false,maxMergizzles=6,maxHotSpanSecs=7776000.000,maxMetadataEntries=1000000,maxHotIdleSecs=0.000,maxHotBuckets=3,maxMetricHotBuckets=6,minHotIdleSecsBeforeForceRoll=0.000,quarantinePastSecs=77760000.000,quarantineFutureSecs=2592000.000,maxSliceSize=131072,serviceMetaPeriod=25.000,partialServiceMetaPeriod=0.000,throttleCheckPeriod=15.000,homePath_maxDataSizeBytes=0,coldPath_maxDataSizeBytes=0,compressionType=zstd,lz4BlockSize=65536,compressionLevel=7,fsyncInterval=18446744073709551.615,maxBloomBackfillBucketAge_secs=2592000.000,enableOnlineBucketRepair=true,enableDataIntegrityControl=false,maxUnreplicatedMsecWithAcks=60000,maxUnreplacatedMsecNoAcks=300000,alwaysBloomBackfill=false,minStreamGroupQueueSize=2000,streamingTargetTsidxSyncPeriodMsec=5000,repFactor=0,hotBucketTimeRefreshInterval=10,enableTsidxReduction=0,suspendHotRollByDeleteQuery0,tsidxReductionCheckPeriodInSec=600.000,timePeriodInSecBeforeTsidxReduction=604800.000,remoteVolume=,remotePath=,splitByIndexKeys=,metricSplitByIndexKeys=,dataType=event,serviceInactiveIndexesPeriod=60,tsidxWritingLevel=3,metric.enableFloatingPointCompression=true,metric.compressionBlockSize=1024,metric.stubOutRawdataJournal=true,metric.timestampResolution=s,archiver.selfStorageProvider,archiver.selfStorageBucket,archiver.selfStorageBucketFolder,archiver.enableDataArchive=false,archiver.maxDataArchiveRetentionPeriod=0.000,archiver.coldStorageProvider=,hotBucketStreaming.removeRemoteSlicesOnRoll=0,hotBucketStreaming.removeRemoteSlicesOnFreeze=0,hotBucketStreaming.reportStatus=0,hotBucketStreaming.deleteHotsAfterRestart=0,hotBucketStreaming.sendSlices=0,tsidxdDedupPostingsListMaxTermsLimit=8388608,tsidxTargetSizeMB=1500,metric.tsidxTargetSizeMB=1500,waitPeriodInSecsForManifestWrite=60.000,hotlistRecency=18446744073709551.615,hotlistBloomRecency=18446744073709551.615,deleteId=0,rollCachedBucketsToColdEnabled=0]' isPeer=false | |
| 01-30-2024 22:24:08.689 +0000 INFO IndexWriter [1843 IndexerTPoolWorker-2] - openDatabases complete currentId=-1 idx=summary | |
| 01-30-2024 22:24:08.690 +0000 INFO IndexProcessor [1867 indexerPipe] - Initializing indexes took usec=4858 reloading=false indexes_initialized=11 | |
| 01-30-2024 22:24:08.693 +0000 INFO RemoteQueueInputProcessor [1876 remotequeueinput] - Initializing RemoteQueueInputProcessor | |
| 01-30-2024 22:24:08.693 +0000 INFO RemoteQueueInputProcessor [1876 remotequeueinput] - RemoteQueueInputProcessor has not been enabled. | |
| 01-30-2024 22:24:08.696 +0000 INFO TcpInputProc [1878 tcp] - Registering metrics callback for: tcpin_connections | |
| 01-30-2024 22:24:08.699 +0000 WARN SSLOptions [1880 TcpListener] - inputs.conf/[SSL]/certLogRepeatFrequency: invalid value from system | |
| 01-30-2024 22:24:08.699 +0000 INFO TcpInputConfig [1880 TcpListener] - IPv4 port 9997 is reserved for splunk 2 splunk | |
| 01-30-2024 22:24:08.699 +0000 INFO TcpInputConfig [1880 TcpListener] - IPv4 port 9997 will negotiate s2s protocol level 6 | |
| 01-30-2024 22:24:08.700 +0000 INFO TcpInputProc [1880 TcpListener] - Creating fwd data Acceptor for IPv4 port 9997 with Non-SSL | |
| 01-30-2024 22:24:11.818 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/splunkd instrument-resource-usage | |
| 01-30-2024 22:24:11.833 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval: 0 ms | |
| 01-30-2024 22:24:11.835 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval="0 */4 * * *" is a valid cron schedule | |
| 01-30-2024 22:24:11.835 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/python_upgrade_readiness_app/bin/eura_email_notification_switch_scripted_input.py | |
| 01-30-2024 22:24:11.835 +0000 INFO ExecProcessor [1887 ExecProcessor] - cron schedule: "0 */4 * * *" | |
| 01-30-2024 22:24:11.836 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval="0 7,19 */1 * *" is a valid cron schedule | |
| 01-30-2024 22:24:11.836 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/python_upgrade_readiness_app/bin/eura_remote_latest_report.py | |
| 01-30-2024 22:24:11.836 +0000 INFO ExecProcessor [1887 ExecProcessor] - cron schedule: "0 7,19 */1 * *" | |
| 01-30-2024 22:24:11.836 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval="0 */4 * * *" is a valid cron schedule | |
| 01-30-2024 22:24:11.836 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/python_upgrade_readiness_app/bin/eura_remote_scan_scripted_input.py | |
| 01-30-2024 22:24:11.837 +0000 INFO ExecProcessor [1887 ExecProcessor] - cron schedule: "0 */4 * * *" | |
| 01-30-2024 22:24:11.837 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval="0 1 */1 * *" is a valid cron schedule | |
| 01-30-2024 22:24:11.838 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/python_upgrade_readiness_app/bin/eura_scan_apps.py | |
| 01-30-2024 22:24:11.838 +0000 INFO ExecProcessor [1887 ExecProcessor] - cron schedule: "0 1 */1 * *" | |
| 01-30-2024 22:24:11.838 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval="0 6 * * 1" is a valid cron schedule | |
| 01-30-2024 22:24:11.838 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/python_upgrade_readiness_app/bin/eura_send_email.py | |
| 01-30-2024 22:24:11.838 +0000 INFO ExecProcessor [1887 ExecProcessor] - cron schedule: "0 6 * * 1" | |
| 01-30-2024 22:24:11.838 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval="0 7,19 */1 * *" is a valid cron schedule | |
| 01-30-2024 22:24:11.838 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/python_upgrade_readiness_app/bin/jura_remote_latest_report.py | |
| 01-30-2024 22:24:11.838 +0000 INFO ExecProcessor [1887 ExecProcessor] - cron schedule: "0 7,19 */1 * *" | |
| 01-30-2024 22:24:11.839 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval="0 */4 * * *" is a valid cron schedule | |
| 01-30-2024 22:24:11.839 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/python_upgrade_readiness_app/bin/jura_remote_scan_scripted_input.py | |
| 01-30-2024 22:24:11.839 +0000 INFO ExecProcessor [1887 ExecProcessor] - cron schedule: "0 */4 * * *" | |
| 01-30-2024 22:24:11.840 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval="0 4 */1 * *" is a valid cron schedule | |
| 01-30-2024 22:24:11.841 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/python_upgrade_readiness_app/bin/jura_scan_apps.py | |
| 01-30-2024 22:24:11.841 +0000 INFO ExecProcessor [1887 ExecProcessor] - cron schedule: "0 4 */1 * *" | |
| 01-30-2024 22:24:11.843 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval="0 6 * * 1" is a valid cron schedule | |
| 01-30-2024 22:24:11.847 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/python_upgrade_readiness_app/bin/jura_send_email.py | |
| 01-30-2024 22:24:11.848 +0000 INFO ExecProcessor [1887 ExecProcessor] - cron schedule: "0 6 * * 1" | |
| 01-30-2024 22:24:11.848 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval="0 */4 * * *" is a valid cron schedule | |
| 01-30-2024 22:24:11.848 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_email_notification_switch_scripted_input.py | |
| 01-30-2024 22:24:11.848 +0000 INFO ExecProcessor [1887 ExecProcessor] - cron schedule: "0 */4 * * *" | |
| 01-30-2024 22:24:11.848 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval="7 */8 * * *" is a valid cron schedule | |
| 01-30-2024 22:24:11.848 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_get_all_apps.py | |
| 01-30-2024 22:24:11.848 +0000 INFO ExecProcessor [1887 ExecProcessor] - cron schedule: "7 */8 * * *" | |
| 01-30-2024 22:24:11.849 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval="0 4,16 */1 * *" is a valid cron schedule | |
| 01-30-2024 22:24:11.849 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_remote_latest_report.py | |
| 01-30-2024 22:24:11.849 +0000 INFO ExecProcessor [1887 ExecProcessor] - cron schedule: "0 4,16 */1 * *" | |
| 01-30-2024 22:24:11.850 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval="0 */4 * * *" is a valid cron schedule | |
| 01-30-2024 22:24:11.851 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_remote_scan_scripted_input.py | |
| 01-30-2024 22:24:11.851 +0000 INFO ExecProcessor [1887 ExecProcessor] - cron schedule: "0 */4 * * *" | |
| 01-30-2024 22:24:11.854 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval="0 1 */1 * *" is a valid cron schedule | |
| 01-30-2024 22:24:11.854 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_scan_apps.py | |
| 01-30-2024 22:24:11.854 +0000 INFO ExecProcessor [1887 ExecProcessor] - cron schedule: "0 1 */1 * *" | |
| 01-30-2024 22:24:11.856 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval="0 6 * * 1" is a valid cron schedule | |
| 01-30-2024 22:24:11.859 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/python_upgrade_readiness_app/bin/pura_send_email.py | |
| 01-30-2024 22:24:11.859 +0000 INFO ExecProcessor [1887 ExecProcessor] - cron schedule: "0 6 * * 1" | |
| 01-30-2024 22:24:11.861 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval="* * * * *" is a valid cron schedule | |
| 01-30-2024 22:24:11.861 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/search/bin/quarantine_files.py | |
| 01-30-2024 22:24:11.861 +0000 INFO ExecProcessor [1887 ExecProcessor] - cron schedule: "* * * * *" | |
| 01-30-2024 22:24:11.862 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py | |
| 01-30-2024 22:24:11.862 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval: run once | |
| 01-30-2024 22:24:11.864 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-rolling-upgrade/bin/complete.py | |
| 01-30-2024 22:24:11.865 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval: run once | |
| 01-30-2024 22:24:11.869 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk_assist/bin/instance_id_modular_input.py | |
| 01-30-2024 22:24:11.869 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval: 15000 ms | |
| 01-30-2024 22:24:11.871 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk_assist/bin/selfupdate_modular_input.py | |
| 01-30-2024 22:24:11.871 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval: 300000 ms | |
| 01-30-2024 22:24:11.872 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk_assist/bin/supervisor_modular_input.py | |
| 01-30-2024 22:24:11.872 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval: 15000 ms | |
| 01-30-2024 22:24:11.873 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk_assist/bin/uiassets_modular_input.py | |
| 01-30-2024 22:24:11.874 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval: 15000 ms | |
| 01-30-2024 22:24:11.877 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval="0 * * * *" is a valid cron schedule | |
| 01-30-2024 22:24:11.879 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk_instrumentation/bin/instrumentation.py | |
| 01-30-2024 22:24:11.880 +0000 INFO ExecProcessor [1887 ExecProcessor] - cron schedule: "0 * * * *" | |
| 01-30-2024 22:24:11.881 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk_instrumentation/bin/on_splunk_start.py | |
| 01-30-2024 22:24:11.881 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval: run once | |
| 01-30-2024 22:24:11.881 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval="0 0 * * *" is a valid cron schedule | |
| 01-30-2024 22:24:11.881 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk_instrumentation/bin/schedule_delete.py | |
| 01-30-2024 22:24:11.881 +0000 INFO ExecProcessor [1887 ExecProcessor] - cron schedule: "0 0 * * *" | |
| 01-30-2024 22:24:11.882 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk_monitoring_console/bin/dmc_config.py | |
| 01-30-2024 22:24:11.882 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval: run once | |
| 01-30-2024 22:24:11.883 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk_monitoring_console/bin/mc_auto_config.py | |
| 01-30-2024 22:24:11.883 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval: 3600000 ms | |
| 01-30-2024 22:24:11.883 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk_secure_gateway/bin/ssg_alerts_ttl_modular_input.py | |
| 01-30-2024 22:24:11.884 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval: 3600000 ms | |
| 01-30-2024 22:24:11.885 +0000 INFO ExecProcessor [1887 ExecProcessor] - New scheduled exec process: /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk_secure_gateway/bin/ssg_enable_modular_input.py | |
| 01-30-2024 22:24:11.885 +0000 INFO ExecProcessor [1887 ExecProcessor] - interval: 60000 ms | |
| 01-30-2024 22:24:12.840 +0000 INFO PipelineComponent [1394 MainThread] - Pipeline structuredparsing disabled in default-mode.conf file | |
| 01-30-2024 22:24:12.922 +0000 WARN IntrospectionGenerator:resource_usage [1887 ExecProcessor] - SSLOptions - server.conf/[sslConfig]/sslVerifyServerCert is false disabling certificate validation; must be set to "true" for increased security | |
| 01-30-2024 22:24:12.922 +0000 WARN IntrospectionGenerator:resource_usage [1887 ExecProcessor] - SSLCommon - PYTHONHTTPSVERIFY is set to 0 in splunk-launch.conf disabling certificate validation for the httplib and urllib libraries shipped with the embedded Python interpreter; must be set to "1" for increased security | |
| 01-30-2024 22:24:12.978 +0000 WARN IntrospectionGenerator:resource_usage [1887 ExecProcessor] - SSLOptions - server.conf/[kvstore]/sslVerifyServerCert is false disabling certificate validation; must be set to "true" for increased security | |
| 01-30-2024 22:24:13.024 +0000 INFO PipelineComponent [1394 MainThread] - Pipeline remotequeuetyping disabled in default-mode.conf file | |
| 01-30-2024 22:24:13.024 +0000 INFO PipelineComponent [1394 MainThread] - Pipeline remotequeueruleset disabled in default-mode.conf file | |
| 01-30-2024 22:24:13.024 +0000 INFO PipelineComponent [1394 MainThread] - Pipeline remotequeueoutput disabled in default-mode.conf file | |
| 01-30-2024 22:24:13.038 +0000 INFO IntrospectionGenerator:resource_usage [1887 ExecProcessor] - RU_main - I-data gathering (Resource Usage) starting; period=10s | |
| 01-30-2024 22:24:13.039 +0000 ERROR IntrospectionGenerator:resource_usage [1887 ExecProcessor] - RU - Mount '/' () is not interesting, iostats will not be collected. | |
| 01-30-2024 22:24:13.040 +0000 INFO IntrospectionGenerator:resource_usage [1887 ExecProcessor] - RU_main - I-data gathering (IO Statistics) starting; interval=60s | |
| 01-30-2024 22:24:13.040 +0000 INFO IntrospectionGenerator:resource_usage [1887 ExecProcessor] - RU_main - Starting I-data gathering (IOWait Statistics). Interval_secs=10 | |
| 01-30-2024 22:24:13.045 +0000 INFO RfsOutputProcessor [1990 rfsoutput] - Initializing RfsOutputProcessor. config=\n | |
| 01-30-2024 22:24:13.045 +0000 INFO RfsOutputProcessor [1990 rfsoutput] - Loading configuration for RfsOutputProcessor | |
| 01-30-2024 22:24:13.046 +0000 INFO RfsDestination [1990 rfsoutput] - Start configuring rfsoutputs for scheme=file | |
| 01-30-2024 22:24:13.046 +0000 INFO RfsDestination [1990 rfsoutput] - mem_limit_bytes=1073741824 max_workers=4 max_jobs=4096 | |
| 01-30-2024 22:24:13.046 +0000 INFO RfsDestination [1990 rfsoutput] - Finished configuring scheme=file num_dests=0 | |
| 01-30-2024 22:24:13.046 +0000 INFO RfsDestination [1990 rfsoutput] - Start configuring rfsoutputs for scheme=s3 | |
| 01-30-2024 22:24:13.046 +0000 INFO RfsDestination [1990 rfsoutput] - mem_limit_bytes=1073741824 max_workers=4 max_jobs=4096 | |
| 01-30-2024 22:24:13.046 +0000 INFO RfsDestination [1990 rfsoutput] - Finished configuring scheme=s3 num_dests=0 | |
| 01-30-2024 22:24:13.046 +0000 INFO RfsOutputProcessor [1990 rfsoutput] - No valid RfsOutputProcessors destinations found in outputs.conf across all supported remote storage schemes | |
| 01-30-2024 22:24:13.046 +0000 INFO RfsOutputProcessor [1990 rfsoutput] - RfsOutputProcessor configuration stored as pending, will be loaded soon. | |
| 01-30-2024 22:24:13.139 +0000 INFO TeeProcessor [2005 tee] - Initializing the tee processor. | |
| 01-30-2024 22:24:13.153 +0000 INFO PipelineComponent [1394 MainThread] - Pipeline vix disabled in default-mode.conf file | |
| 01-30-2024 22:24:13.347 +0000 INFO PipelineComponent [1394 MainThread] - Launching the pipelines for set 0. | |
| 01-30-2024 22:24:13.350 +0000 INFO MetricAlertManager [1978 SchedulerThread] - 0 active metric alerts (out of 0 total) are categorized into 0 groups. | |
| 01-30-2024 22:24:13.357 +0000 INFO TcpOutputProc [1867 indexerPipe] - _isHttpOutConfigured=NOT_CONFIGURED | |
| 01-30-2024 22:24:13.362 +0000 INFO PipelineComponent [1394 MainThread] - Pipeline set weights calculation timeout period has been set to value=30.000 seconds. | |
| 01-30-2024 22:24:13.362 +0000 INFO PipelineComponent [1394 MainThread] - Pipeline set number of tracking periods has been set to value=5. | |
| 01-30-2024 22:24:13.366 +0000 INFO CMBucketId [1867 indexerPipe] - CMIndexId: New indexName=_audit inserted, mapping to id=1 | |
| 01-30-2024 22:24:13.367 +0000 INFO IndexWriter [1867 indexerPipe] - Creating hot bucket=hot_v1_0, idx=_audit, bid=_audit~0~A194E1FA-0225-486F-A281-1AF937B2C5CC, path_crc32=3387759504, event timestamp=1706653413, reason=suitable bucket not found, hot_buckets=0, max=3, sourcetype=audittrail | |
| 01-30-2024 22:24:13.368 +0000 INFO DatabaseDirectoryManager [1867 indexerPipe] - idx=_audit writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/audit/db' pendingBucketUpdates=1 innerLockTime=0.000. Reason='New hot bucket bid=_audit~0~A194E1FA-0225-486F-A281-1AF937B2C5CC bucket_action=add' | |
| 01-30-2024 22:24:13.369 +0000 INFO DatabaseDirectoryManager [1867 indexerPipe] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/audit/db duration=0.000 | |
| 01-30-2024 22:24:13.369 +0000 INFO ServerRoles [1867 indexerPipe] - Declared role=indexer. | |
| 01-30-2024 22:24:13.685 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" clustering mode is disabled | |
| 01-30-2024 22:24:13.788 +0000 INFO ConfigWatcher [1400 HTTPDispatch] - Loaded configtracker settings with disabled=0 mode=auto log_throttling_disabled=1 log_throttling_threshold_ms=10.000 denylist= exclude_fields= | |
| 01-30-2024 22:24:13.795 +0000 INFO TailingProcessor [2012 MainTailingThread] - TailWatcher initializing... | |
| 01-30-2024 22:24:13.796 +0000 INFO TailReader [2017 tailreader0] - Registering metrics callback for: tailreader0 | |
| 01-30-2024 22:24:13.796 +0000 INFO TailReader [2017 tailreader0] - Starting tailreader0 thread | |
| 01-30-2024 22:24:13.796 +0000 INFO TailReader [2017 tailreader0] - tailreader0 waiting to be un-paused | |
| 01-30-2024 22:24:13.796 +0000 INFO TailingProcessor [2012 MainTailingThread] - Parsing configuration stanza: batch://$SPLUNK_HOME/var/run/splunk/search_telemetry/*search_telemetry.json. | |
| 01-30-2024 22:24:13.799 +0000 INFO TailingProcessor [2012 MainTailingThread] - Parsing configuration stanza: batch://$SPLUNK_HOME/var/spool/splunk. | |
| 01-30-2024 22:24:13.799 +0000 INFO TailingProcessor [2012 MainTailingThread] - Parsing configuration stanza: batch://$SPLUNK_HOME/var/spool/splunk/...stash_hec. | |
| 01-30-2024 22:24:13.800 +0000 INFO TailingProcessor [2012 MainTailingThread] - Parsing configuration stanza: batch://$SPLUNK_HOME/var/spool/splunk/...stash_new. | |
| 01-30-2024 22:24:13.801 +0000 INFO TailingProcessor [2012 MainTailingThread] - Parsing configuration stanza: batch://$SPLUNK_HOME/var/spool/splunk/tracker.log*. | |
| 01-30-2024 22:24:13.801 +0000 INFO TailReader [2018 batchreader0] - Registering metrics callback for: batchreader0 | |
| 01-30-2024 22:24:13.802 +0000 INFO TailReader [2018 batchreader0] - Starting batchreader0 thread | |
| 01-30-2024 22:24:13.802 +0000 INFO TailReader [2018 batchreader0] - batchreader0 waiting to be un-paused | |
| 01-30-2024 22:24:13.802 +0000 INFO TailingProcessor [2012 MainTailingThread] - Parsing configuration stanza: monitor://$SPLUNK_HOME/etc/splunk.version. | |
| 01-30-2024 22:24:13.802 +0000 INFO TailingProcessor [2012 MainTailingThread] - Parsing configuration stanza: monitor://$SPLUNK_HOME/var/log/introspection. | |
| 01-30-2024 22:24:13.802 +0000 INFO TailingProcessor [2012 MainTailingThread] - Parsing configuration stanza: monitor://$SPLUNK_HOME/var/log/splunk. | |
| 01-30-2024 22:24:13.802 +0000 INFO TailingProcessor [2012 MainTailingThread] - Parsing configuration stanza: monitor://$SPLUNK_HOME/var/log/splunk/configuration_change.log. | |
| 01-30-2024 22:24:13.803 +0000 INFO TailingProcessor [2012 MainTailingThread] - Parsing configuration stanza: monitor://$SPLUNK_HOME/var/log/splunk/eura_*. | |
| 01-30-2024 22:24:13.804 +0000 INFO TailingProcessor [2012 MainTailingThread] - Parsing configuration stanza: monitor://$SPLUNK_HOME/var/log/splunk/jura_*. | |
| 01-30-2024 22:24:13.805 +0000 INFO TailingProcessor [2012 MainTailingThread] - Parsing configuration stanza: monitor://$SPLUNK_HOME/var/log/splunk/license_usage_summary.log. | |
| 01-30-2024 22:24:13.805 +0000 INFO TailingProcessor [2012 MainTailingThread] - Parsing configuration stanza: monitor://$SPLUNK_HOME/var/log/splunk/pura_*. | |
| 01-30-2024 22:24:13.828 +0000 INFO TailingProcessor [2012 MainTailingThread] - Parsing configuration stanza: monitor://$SPLUNK_HOME/var/log/splunk/splunk_instrumentation_cloud.log*. | |
| 01-30-2024 22:24:13.830 +0000 INFO TailingProcessor [2012 MainTailingThread] - Parsing configuration stanza: monitor://$SPLUNK_HOME/var/log/watchdog/watchdog.log*. | |
| 01-30-2024 22:24:13.832 +0000 INFO TailReader [2012 MainTailingThread] - State transitioning from 1 to 0 (initOrResume). | |
| 01-30-2024 22:24:13.832 +0000 INFO TailReader [2012 MainTailingThread] - State transitioning from 1 to 0 (initOrResume). | |
| 01-30-2024 22:24:13.832 +0000 INFO TailingProcessor [2012 MainTailingThread] - Adding watch on path: /opt/splunk/etc/splunk.version. | |
| 01-30-2024 22:24:13.832 +0000 INFO TailingProcessor [2012 MainTailingThread] - Adding watch on path: /opt/splunk/var/log/introspection. | |
| 01-30-2024 22:24:13.833 +0000 INFO TailingProcessor [2012 MainTailingThread] - Adding watch on path: /opt/splunk/var/log/splunk. | |
| 01-30-2024 22:24:13.833 +0000 INFO TailingProcessor [2012 MainTailingThread] - Adding watch on path: /opt/splunk/var/log/watchdog. | |
| 01-30-2024 22:24:13.833 +0000 INFO TailingProcessor [2012 MainTailingThread] - Adding watch on path: /opt/splunk/var/run/splunk/search_telemetry. | |
| 01-30-2024 22:24:13.833 +0000 INFO TailingProcessor [2012 MainTailingThread] - Adding watch on path: /opt/splunk/var/spool/splunk. | |
| 01-30-2024 22:24:13.869 +0000 INFO ConfigWatcher [2019 SplunkConfigChangeWatcherThread] - SplunkConfigChangeWatcher initializing... | |
| 01-30-2024 22:24:13.869 +0000 INFO ConfigWatcher [2019 SplunkConfigChangeWatcherThread] - Kernel File Notification is enabled on this instance. inotify will be used for configuration tracking. | |
| 01-30-2024 22:24:13.894 +0000 INFO ConfigWatcher [2019 SplunkConfigChangeWatcherThread] - Watching path: /opt/splunk/etc/system/local, /opt/splunk/etc/system/default, /opt/splunk/etc/apps, /opt/splunk/etc/users, /opt/splunk/etc/peer-apps, /opt/splunk/etc/instance.cfg | |
| 01-30-2024 22:24:13.894 +0000 INFO ConfigWatcher [2019 SplunkConfigChangeWatcherThread] - Finding the deleted watched configuration files (while splunkd was down) completed in duration=0 secs | |
| 01-30-2024 22:24:13.924 +0000 INFO CMBucketId [1867 indexerPipe] - CMIndexId: New indexName=_internal inserted, mapping to id=2 | |
| 01-30-2024 22:24:13.924 +0000 INFO IndexWriter [1867 indexerPipe] - Creating hot bucket=hot_v1_0, idx=_internal, bid=_internal~0~A194E1FA-0225-486F-A281-1AF937B2C5CC, path_crc32=3569368279, event timestamp=1706653453, reason=suitable bucket not found, hot_buckets=0, max=3, sourcetype=splunk_version | |
| 01-30-2024 22:24:13.925 +0000 INFO DatabaseDirectoryManager [1867 indexerPipe] - idx=_internal writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/_internaldb/db' pendingBucketUpdates=1 innerLockTime=0.000. Reason='New hot bucket bid=_internal~0~A194E1FA-0225-486F-A281-1AF937B2C5CC bucket_action=add' | |
| 01-30-2024 22:24:13.933 +0000 INFO DatabaseDirectoryManager [1867 indexerPipe] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/_internaldb/db duration=0.007 | |
| 01-30-2024 22:24:14.147 +0000 INFO loader [1400 HTTPDispatch] - Limiting REST HTTP server to 349525 sockets | |
| 01-30-2024 22:24:14.151 +0000 INFO loader [1400 HTTPDispatch] - Limiting REST HTTP server to 1324 threads | |
| 01-30-2024 22:24:14.373 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" splunk-dashboard-studio version is 1.11.7 | |
| 01-30-2024 22:24:14.374 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" Content of /opt/splunk/etc/apps/splunk-dashboard-studio/kvstore_icon_status.conf is {} | |
| 01-30-2024 22:24:14.374 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" dashboard studio version is not matching uploaded version in splunk-dashboard-studio/kvstore_icon_status.conf. checking kvstore now ... | |
| 01-30-2024 22:24:14.664 +0000 WARN SSLOptions [1978 SchedulerThread] - server.conf/[search_state]/sslVerifyServerCert is false disabling certificate validation; must be set to "true" for increased security | |
| 01-30-2024 22:24:14.665 +0000 WARN SSLOptions [1978 SchedulerThread] - server.conf/[search_state]/sslVerifyServerCert is false disabling certificate validation; must be set to "true" for increased security | |
| 01-30-2024 22:24:14.708 +0000 INFO MetricSchemaProcessor [1999 typing] - channel confkey=source::/opt/splunk/var/log/introspection/disk_objects.log|host::a0b98db34268|splunk_intro_disk_objects|CLONE_CHANNEL has an event with no measure, will be skipped. | |
| 01-30-2024 22:24:14.708 +0000 INFO MetricSchemaProcessor [1999 typing] - log messages will be throttled. POST to /services/admin/metric-schema-reload/_reload will force reset of the throttle counters | |
| 01-30-2024 22:24:14.709 +0000 INFO CMBucketId [1867 indexerPipe] - CMIndexId: New indexName=_introspection inserted, mapping to id=3 | |
| 01-30-2024 22:24:14.709 +0000 INFO IndexWriter [1867 indexerPipe] - Creating hot bucket=hot_v1_0, idx=_introspection, bid=_introspection~0~A194E1FA-0225-486F-A281-1AF937B2C5CC, path_crc32=198624182, event timestamp=1706653448, reason=suitable bucket not found, hot_buckets=0, max=3, sourcetype=splunk_disk_objects | |
| 01-30-2024 22:24:14.710 +0000 INFO DatabaseDirectoryManager [1867 indexerPipe] - idx=_introspection writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/_introspection/db' pendingBucketUpdates=1 innerLockTime=0.000. Reason='New hot bucket bid=_introspection~0~A194E1FA-0225-486F-A281-1AF937B2C5CC bucket_action=add' | |
| 01-30-2024 22:24:14.711 +0000 INFO DatabaseDirectoryManager [1867 indexerPipe] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/_introspection/db duration=0.001 | |
| 01-30-2024 22:24:14.717 +0000 INFO CMBucketId [1867 indexerPipe] - CMIndexId: New indexName=_metrics inserted, mapping to id=4 | |
| 01-30-2024 22:24:14.717 +0000 INFO IndexWriter [1867 indexerPipe] - Creating hot bucket=hot_v1_0, idx=_metrics, bid=_metrics~0~A194E1FA-0225-486F-A281-1AF937B2C5CC, path_crc32=198624182, event timestamp=1706653448, reason=suitable bucket not found, hot_buckets=0, max=6, sourcetype=splunk_intro_disk_objects | |
| 01-30-2024 22:24:14.718 +0000 INFO DatabaseDirectoryManager [1867 indexerPipe] - idx=_metrics writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/_metrics/db' pendingBucketUpdates=1 innerLockTime=0.000. Reason='New hot bucket bid=_metrics~0~A194E1FA-0225-486F-A281-1AF937B2C5CC bucket_action=add' | |
| 01-30-2024 22:24:14.720 +0000 INFO DatabaseDirectoryManager [1867 indexerPipe] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/_metrics/db duration=0.002 | |
| 01-30-2024 22:24:14.733 +0000 INFO UiHttpListener [2030 WebuiStartup] - Limiting UI HTTP server to 349525 sockets | |
| 01-30-2024 22:24:14.734 +0000 INFO UiHttpListener [2030 WebuiStartup] - Limiting UI HTTP server to 1324 threads | |
| 01-30-2024 22:24:14.740 +0000 INFO IndexWriter [1867 indexerPipe] - Creating hot bucket=hot_v1_1, idx=_metrics, bid=_metrics~1~A194E1FA-0225-486F-A281-1AF937B2C5CC, path_crc32=198624182, event timestamp=1706653448, reason=suitable bucket not found, hot_buckets=1, max=6, sourcetype=splunk_intro_disk_objects | |
| 01-30-2024 22:24:14.744 +0000 INFO DatabaseDirectoryManager [1867 indexerPipe] - idx=_metrics writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/_metrics/db' pendingBucketUpdates=1 innerLockTime=0.002. Reason='New hot bucket bid=_metrics~1~A194E1FA-0225-486F-A281-1AF937B2C5CC bucket_action=add' | |
| 01-30-2024 22:24:14.749 +0000 INFO ProxyConfig [2030 WebuiStartup] - Failed to initialize http_proxy from server.conf for splunkd. Please make sure that the http_proxy property is set as http_proxy=http://host:port in case HTTP proxying needs to be enabled. | |
| 01-30-2024 22:24:14.749 +0000 INFO ProxyConfig [2030 WebuiStartup] - Failed to initialize https_proxy from server.conf for splunkd. Please make sure that the https_proxy property is set as https_proxy=http://host:port in case HTTP proxying needs to be enabled. | |
| 01-30-2024 22:24:14.749 +0000 INFO ProxyConfig [2030 WebuiStartup] - Failed to initialize the proxy_rules setting from server.conf for splunkd. Please provide a valid set of proxy_rules in case HTTP proxying needs to be enabled. | |
| 01-30-2024 22:24:14.749 +0000 INFO ProxyConfig [2030 WebuiStartup] - Failed to initialize the no_proxy setting from server.conf for splunkd. Please provide a valid set of no_proxy rules in case HTTP proxying needs to be enabled. | |
| 01-30-2024 22:24:14.765 +0000 INFO DatabaseDirectoryManager [1867 indexerPipe] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/_metrics/db duration=0.022 | |
| 01-30-2024 22:24:14.773 +0000 INFO IndexWriter [1867 indexerPipe] - Creating hot bucket=hot_v1_2, idx=_metrics, bid=_metrics~2~A194E1FA-0225-486F-A281-1AF937B2C5CC, path_crc32=198624182, event timestamp=1706653448, reason=suitable bucket not found, hot_buckets=2, max=6, sourcetype=splunk_intro_disk_objects | |
| 01-30-2024 22:24:14.785 +0000 INFO DatabaseDirectoryManager [1867 indexerPipe] - idx=_metrics writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/_metrics/db' pendingBucketUpdates=1 innerLockTime=0.000. Reason='New hot bucket bid=_metrics~2~A194E1FA-0225-486F-A281-1AF937B2C5CC bucket_action=add' | |
| 01-30-2024 22:24:14.786 +0000 INFO DatabaseDirectoryManager [1867 indexerPipe] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/_metrics/db duration=0.002 | |
| 01-30-2024 22:24:14.791 +0000 INFO CMBucketId [1867 indexerPipe] - CMIndexId: New indexName=_configtracker inserted, mapping to id=5 | |
| 01-30-2024 22:24:14.791 +0000 INFO IndexWriter [1867 indexerPipe] - Creating hot bucket=hot_v1_0, idx=_configtracker, bid=_configtracker~0~A194E1FA-0225-486F-A281-1AF937B2C5CC, path_crc32=3270412173, event timestamp=1706653453, reason=suitable bucket not found, hot_buckets=0, max=3, sourcetype=splunk_configuration_change | |
| 01-30-2024 22:24:14.801 +0000 INFO DatabaseDirectoryManager [1867 indexerPipe] - idx=_configtracker writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/_configtracker/db' pendingBucketUpdates=1 innerLockTime=0.009. Reason='New hot bucket bid=_configtracker~0~A194E1FA-0225-486F-A281-1AF937B2C5CC bucket_action=add' | |
| 01-30-2024 22:24:14.802 +0000 INFO DatabaseDirectoryManager [1867 indexerPipe] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/_configtracker/db duration=0.009 | |
| 01-30-2024 22:24:15.472 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" kvstore current status is starting | |
| 01-30-2024 22:24:15.472 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" kvstore current status is starting, wait 5 seconds | |
| 01-30-2024 22:24:15.974 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk_secure_gateway/bin/ssg_alerts_ttl_modular_input.py" [ssg_alerts_ttl_modular_input.app:67] [setup_logging] [1971] splunk_secure_gateway_modular_input.log could not be created, will attempt to reinitialize in the next run of ssg_alerts_ttl_modular_input.app | |
| 01-30-2024 22:24:16.101 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk_assist/bin/instance_id_modular_input.py" [assist::instance_id_modular_input.py:23] [_set_app_config] [1951] Updating local node config, key=instance_id, value=34e8a429-87a4-472b-9ed1-b7a6df8158fc | |
| 01-30-2024 22:24:16.333 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk_assist/bin/instance_id_modular_input.py" [assist::instance_id_modular_input.py:14] [ensure_instance_id] [1951] Updated instance_id, instance_id=34e8a429-87a4-472b-9ed1-b7a6df8158fc | |
| 01-30-2024 22:24:17.245 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk_secure_gateway/bin/ssg_enable_modular_input.py" [secure_gateway_enable.app:67] [setup_logging] [1973] splunk_secure_gateway_metrics.log could not be created, will attempt to reinitialize in the next run of secure_gateway_enable.app | |
| 01-30-2024 22:24:20.606 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" kvstore current status is starting | |
| 01-30-2024 22:24:20.606 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" kvstore current status is starting, wait 5 seconds | |
| 01-30-2024 22:24:24.701 +0000 INFO NoahSearchPeerFetcher [2039 AuditSearchExecutor] - Fetch requested. sid=alertsmanager_1706653464.1 use_cache=1 | |
| 01-30-2024 22:24:24.703 +0000 WARN SearchProcessRunner [2039 AuditSearchExecutor] - Preforked search process pool limits: max_search_process_pool=2048, manager_threads=1, enable_search_process_long_lifespan=1, max_search_process_per_manager=2048, max_idle_process_count=64, max_idle_process_memory=1048576 | |
| 01-30-2024 22:24:25.175 +0000 WARN AlertsManager [2039 AuditSearchExecutor] - alerts migration to dynamoDB needed: false | |
| 01-30-2024 22:24:25.735 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" kvstore current status is starting | |
| 01-30-2024 22:24:25.735 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" kvstore current status is starting, wait 5 seconds | |
| 01-30-2024 22:24:30.860 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" kvstore current status is starting | |
| 01-30-2024 22:24:30.860 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" kvstore current status is starting, wait 5 seconds | |
| 01-30-2024 22:24:35.982 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" kvstore current status is starting | |
| 01-30-2024 22:24:35.982 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" kvstore current status is starting, wait 5 seconds | |
| 01-30-2024 22:24:38.565 +0000 WARN DispatchReaper [1836 DispatchReaper] - Received shutdown signal during startup reaping and did not complete all reaping tasks. Reaping will be performed upon next startup. | |
| 01-30-2024 22:24:41.094 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" kvstore current status is starting | |
| 01-30-2024 22:24:41.094 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" kvstore current status is starting, wait 5 seconds | |
| 01-30-2024 22:24:41.567 +0000 INFO TailReader [2017 tailreader0] - Batch input finished reading file='/opt/splunk/var/spool/splunk/tracker.log' | |
| 01-30-2024 22:24:43.382 +0000 INFO IndexWriter [1867 indexerPipe] - Creating hot bucket=hot_v1_3, idx=_metrics, bid=_metrics~3~A194E1FA-0225-486F-A281-1AF937B2C5CC, path_crc32=1142652131, event timestamp=1706653483, reason=suitable bucket not found, hot_buckets=3, max=6, sourcetype=splunk_metrics_log | |
| 01-30-2024 22:24:43.385 +0000 INFO MetricSchemaProcessor [1999 typing] - channel confkey=source::/opt/splunk/var/log/splunk/metrics.log|host::a0b98db34268|splunk_metrics_log|CLONE_CHANNEL has an event with no measure, will be skipped. | |
| 01-30-2024 22:24:43.386 +0000 INFO DatabaseDirectoryManager [1867 indexerPipe] - idx=_metrics writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/_metrics/db' pendingBucketUpdates=1 innerLockTime=0.001. Reason='New hot bucket bid=_metrics~3~A194E1FA-0225-486F-A281-1AF937B2C5CC bucket_action=add' | |
| 01-30-2024 22:24:43.387 +0000 INFO DatabaseDirectoryManager [1867 indexerPipe] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/_metrics/db duration=0.002 | |
| 01-30-2024 22:24:43.821 +0000 INFO IndexWriter [1867 indexerPipe] - Creating hot bucket=hot_v1_4, idx=_metrics, bid=_metrics~4~A194E1FA-0225-486F-A281-1AF937B2C5CC, path_crc32=1142652131, event timestamp=1706653483, reason=suitable bucket not found, hot_buckets=4, max=6, sourcetype=splunk_metrics_log | |
| 01-30-2024 22:24:43.825 +0000 INFO DatabaseDirectoryManager [1867 indexerPipe] - idx=_metrics writing a bucket manifest in hotWarmPath='/opt/splunk/var/lib/splunk/_metrics/db' pendingBucketUpdates=1 innerLockTime=0.001. Reason='New hot bucket bid=_metrics~4~A194E1FA-0225-486F-A281-1AF937B2C5CC bucket_action=add' | |
| 01-30-2024 22:24:43.826 +0000 INFO DatabaseDirectoryManager [1867 indexerPipe] - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/_metrics/db duration=0.003 | |
| 01-30-2024 22:24:44.694 +0000 INFO NoahSearchPeerFetcher [1978 SchedulerThread] - Fetch requested. sid=scheduler__nobody_c3BsdW5rX21vbml0b3JpbmdfY29uc29sZQ__RMD54740dfff07b17ef1_at_1706653453_0 use_cache=1 | |
| 01-30-2024 22:24:44.980 +0000 INFO KeyManagerLocalhost [2037 TcpChannelThread] - Checking for localhost key pair | |
| 01-30-2024 22:24:44.980 +0000 INFO KeyManagerLocalhost [2037 TcpChannelThread] - Public key already exists: /opt/splunk/etc/auth/distServerKeys/trusted.pem | |
| 01-30-2024 22:24:44.980 +0000 INFO KeyManagerLocalhost [2037 TcpChannelThread] - Reading public key for localhost: /opt/splunk/etc/auth/distServerKeys/trusted.pem | |
| 01-30-2024 22:24:44.980 +0000 INFO KeyManagerLocalhost [2037 TcpChannelThread] - Finished reading public key for localhost: /opt/splunk/etc/auth/distServerKeys/trusted.pem | |
| 01-30-2024 22:24:44.980 +0000 INFO KeyManagerLocalhost [2037 TcpChannelThread] - Reading private key for localhost: /opt/splunk/etc/auth/distServerKeys/private.pem | |
| 01-30-2024 22:24:44.980 +0000 INFO KeyManagerLocalhost [2037 TcpChannelThread] - Finished reading private key for localhost: /opt/splunk/etc/auth/distServerKeys/private.pem | |
| 01-30-2024 22:24:45.036 +0000 INFO DispatchStorageManager [2037 TcpChannelThread] - Remote storage disabled for search artifacts. | |
| 01-30-2024 22:24:46.245 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" kvstore current status is starting | |
| 01-30-2024 22:24:46.245 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" kvstore current status is starting, wait 5 seconds | |
| 01-30-2024 22:24:48.644 +0000 INFO ServerRoles [1829 KVStoreConfigurationThread] - Declared role=kv_store. | |
| 01-30-2024 22:24:48.644 +0000 INFO CertStorageProvider [1829 KVStoreConfigurationThread] - Updating status from starting to ready | |
| 01-30-2024 22:24:48.644 +0000 INFO CertStorageProvider [1829 KVStoreConfigurationThread] - Updating status from starting to ready | |
| 01-30-2024 22:24:48.644 +0000 INFO Rsa2FA [1829 KVStoreConfigurationThread] - Could not find [externalTwoFactorAuthSettings] in authentication stanza. | |
| 01-30-2024 22:24:48.644 +0000 INFO LoggedOutSessionManager [1829 KVStoreConfigurationThread] - Not enabling token invalidation. kvstore_enabled=1 kvstore_status=ready invalidateSessionTokensOnLogout=0 | |
| 01-30-2024 22:24:51.367 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" kvstore current status is ready | |
| 01-30-2024 22:24:51.367 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" kvstore status is ready, start next step to upload icons | |
| 01-30-2024 22:24:51.375 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" start saving to kvstore, name is icon-laptop__52890fef-3a2c-46f8-bd0b-ed50e62b7290.svg, type is image/svg+xml | |
| 01-30-2024 22:24:51.606 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" complete saving to kvstore, response: {'date': 'Tue, 30 Jan 2024 22:24:51 GMT', 'expires': 'Thu, 26 Oct 1978 00:00:00 GMT', 'cache-control': 'no-store, no-cache, must-revalidate, max-age=0', 'content-type': 'application/json; charset=UTF-8', 'x-content-type-options': 'nosniff', 'content-length': '64', 'vary': 'Authorization', 'connection': 'Close', 'x-frame-options': 'SAMEORIGIN', 'server': 'Splunkd', 'status': '201'}, content: b'{"_key":"icon-laptop__52890fef-3a2c-46f8-bd0b-ed50e62b7290.svg"}' | |
| 01-30-2024 22:24:51.608 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" start saving to kvstore, name is icon-datacenters__440605f5-471f-4bba-ab7d-80e274222c77.svg, type is image/svg+xml | |
| 01-30-2024 22:24:51.617 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" complete saving to kvstore, response: {'date': 'Tue, 30 Jan 2024 22:24:51 GMT', 'expires': 'Thu, 26 Oct 1978 00:00:00 GMT', 'cache-control': 'no-store, no-cache, must-revalidate, max-age=0', 'content-type': 'application/json; charset=UTF-8', 'x-content-type-options': 'nosniff', 'content-length': '69', 'vary': 'Authorization', 'connection': 'Close', 'x-frame-options': 'SAMEORIGIN', 'server': 'Splunkd', 'status': '201'}, content: b'{"_key":"icon-datacenters__440605f5-471f-4bba-ab7d-80e274222c77.svg"}' | |
| 01-30-2024 22:24:51.617 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" start saving to kvstore, name is icon-active-directory__e03b60f5-d599-485e-bc89-67b86f2f80c7.svg, type is image/svg+xml | |
| 01-30-2024 22:24:51.623 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" complete saving to kvstore, response: {'date': 'Tue, 30 Jan 2024 22:24:51 GMT', 'expires': 'Thu, 26 Oct 1978 00:00:00 GMT', 'cache-control': 'no-store, no-cache, must-revalidate, max-age=0', 'content-type': 'application/json; charset=UTF-8', 'x-content-type-options': 'nosniff', 'content-length': '74', 'vary': 'Authorization', 'connection': 'Close', 'x-frame-options': 'SAMEORIGIN', 'server': 'Splunkd', 'status': '201'}, content: b'{"_key":"icon-active-directory__e03b60f5-d599-485e-bc89-67b86f2f80c7.svg"}' | |
| 01-30-2024 22:24:51.623 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" start saving to kvstore, name is icon-datastores__bc6a3e09-0548-405c-a5aa-916e6b8b5069.svg, type is image/svg+xml | |
| 01-30-2024 22:24:51.630 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" complete saving to kvstore, response: {'date': 'Tue, 30 Jan 2024 22:24:51 GMT', 'expires': 'Thu, 26 Oct 1978 00:00:00 GMT', 'cache-control': 'no-store, no-cache, must-revalidate, max-age=0', 'content-type': 'application/json; charset=UTF-8', 'x-content-type-options': 'nosniff', 'content-length': '68', 'vary': 'Authorization', 'connection': 'Close', 'x-frame-options': 'SAMEORIGIN', 'server': 'Splunkd', 'status': '201'}, content: b'{"_key":"icon-datastores__bc6a3e09-0548-405c-a5aa-916e6b8b5069.svg"}' | |
| 01-30-2024 22:24:51.630 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" start saving to kvstore, name is icon-gear__c99f1d12-649f-433a-890a-bbf5cf548a6a.svg, type is image/svg+xml | |
| 01-30-2024 22:24:51.639 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" complete saving to kvstore, response: {'date': 'Tue, 30 Jan 2024 22:24:51 GMT', 'expires': 'Thu, 26 Oct 1978 00:00:00 GMT', 'cache-control': 'no-store, no-cache, must-revalidate, max-age=0', 'content-type': 'application/json; charset=UTF-8', 'x-content-type-options': 'nosniff', 'content-length': '62', 'vary': 'Authorization', 'connection': 'Close', 'x-frame-options': 'SAMEORIGIN', 'server': 'Splunkd', 'status': '201'}, content: b'{"_key":"icon-gear__c99f1d12-649f-433a-890a-bbf5cf548a6a.svg"}' | |
| 01-30-2024 22:24:51.639 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" start saving to kvstore, name is icon-profile__f42da35c-8364-4004-94b8-ff02a7d0db83.svg, type is image/svg+xml | |
| 01-30-2024 22:24:51.645 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" complete saving to kvstore, response: {'date': 'Tue, 30 Jan 2024 22:24:51 GMT', 'expires': 'Thu, 26 Oct 1978 00:00:00 GMT', 'cache-control': 'no-store, no-cache, must-revalidate, max-age=0', 'content-type': 'application/json; charset=UTF-8', 'x-content-type-options': 'nosniff', 'content-length': '65', 'vary': 'Authorization', 'connection': 'Close', 'x-frame-options': 'SAMEORIGIN', 'server': 'Splunkd', 'status': '201'}, content: b'{"_key":"icon-profile__f42da35c-8364-4004-94b8-ff02a7d0db83.svg"}' | |
| 01-30-2024 22:24:51.646 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" start saving to kvstore, name is icon-mobile__b5237b27-e8b3-4c1e-b247-341eea64a063.svg, type is image/svg+xml | |
| 01-30-2024 22:24:51.653 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" complete saving to kvstore, response: {'date': 'Tue, 30 Jan 2024 22:24:51 GMT', 'expires': 'Thu, 26 Oct 1978 00:00:00 GMT', 'cache-control': 'no-store, no-cache, must-revalidate, max-age=0', 'content-type': 'application/json; charset=UTF-8', 'x-content-type-options': 'nosniff', 'content-length': '64', 'vary': 'Authorization', 'connection': 'Close', 'x-frame-options': 'SAMEORIGIN', 'server': 'Splunkd', 'status': '201'}, content: b'{"_key":"icon-mobile__b5237b27-e8b3-4c1e-b247-341eea64a063.svg"}' | |
| 01-30-2024 22:24:51.654 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" start saving to kvstore, name is icon-load-balancer__4a4261a1-51e2-45aa-b89d-2911d1ceac62.svg, type is image/svg+xml | |
| 01-30-2024 22:24:51.663 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" complete saving to kvstore, response: {'date': 'Tue, 30 Jan 2024 22:24:51 GMT', 'expires': 'Thu, 26 Oct 1978 00:00:00 GMT', 'cache-control': 'no-store, no-cache, must-revalidate, max-age=0', 'content-type': 'application/json; charset=UTF-8', 'x-content-type-options': 'nosniff', 'content-length': '71', 'vary': 'Authorization', 'connection': 'Close', 'x-frame-options': 'SAMEORIGIN', 'server': 'Splunkd', 'status': '201'}, content: b'{"_key":"icon-load-balancer__4a4261a1-51e2-45aa-b89d-2911d1ceac62.svg"}' | |
| 01-30-2024 22:24:51.664 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" start saving to kvstore, name is icon-server__3fcecd0d-1645-4745-bdec-9a612660b662.svg, type is image/svg+xml | |
| 01-30-2024 22:24:51.669 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" complete saving to kvstore, response: {'date': 'Tue, 30 Jan 2024 22:24:51 GMT', 'expires': 'Thu, 26 Oct 1978 00:00:00 GMT', 'cache-control': 'no-store, no-cache, must-revalidate, max-age=0', 'content-type': 'application/json; charset=UTF-8', 'x-content-type-options': 'nosniff', 'content-length': '64', 'vary': 'Authorization', 'connection': 'Close', 'x-frame-options': 'SAMEORIGIN', 'server': 'Splunkd', 'status': '201'}, content: b'{"_key":"icon-server__3fcecd0d-1645-4745-bdec-9a612660b662.svg"}' | |
| 01-30-2024 22:24:51.669 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" start saving to kvstore, name is icon-firewall__037c3797-3676-4b94-aa5f-01293cafab69.svg, type is image/svg+xml | |
| 01-30-2024 22:24:51.676 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" complete saving to kvstore, response: {'date': 'Tue, 30 Jan 2024 22:24:51 GMT', 'expires': 'Thu, 26 Oct 1978 00:00:00 GMT', 'cache-control': 'no-store, no-cache, must-revalidate, max-age=0', 'content-type': 'application/json; charset=UTF-8', 'x-content-type-options': 'nosniff', 'content-length': '66', 'vary': 'Authorization', 'connection': 'Close', 'x-frame-options': 'SAMEORIGIN', 'server': 'Splunkd', 'status': '201'}, content: b'{"_key":"icon-firewall__037c3797-3676-4b94-aa5f-01293cafab69.svg"}' | |
| 01-30-2024 22:24:51.677 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" start saving to kvstore, name is icon-users__229c9a8c-1b2e-4978-9d7e-4222e1d7a9b3.svg, type is image/svg+xml | |
| 01-30-2024 22:24:51.684 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" complete saving to kvstore, response: {'date': 'Tue, 30 Jan 2024 22:24:51 GMT', 'expires': 'Thu, 26 Oct 1978 00:00:00 GMT', 'cache-control': 'no-store, no-cache, must-revalidate, max-age=0', 'content-type': 'application/json; charset=UTF-8', 'x-content-type-options': 'nosniff', 'content-length': '63', 'vary': 'Authorization', 'connection': 'Close', 'x-frame-options': 'SAMEORIGIN', 'server': 'Splunkd', 'status': '201'}, content: b'{"_key":"icon-users__229c9a8c-1b2e-4978-9d7e-4222e1d7a9b3.svg"}' | |
| 01-30-2024 22:24:51.685 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" start saving to kvstore, name is icon-check__e29f784a-31a2-4544-813f-efce24d5be32.svg, type is image/svg+xml | |
| 01-30-2024 22:24:51.691 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" complete saving to kvstore, response: {'date': 'Tue, 30 Jan 2024 22:24:51 GMT', 'expires': 'Thu, 26 Oct 1978 00:00:00 GMT', 'cache-control': 'no-store, no-cache, must-revalidate, max-age=0', 'content-type': 'application/json; charset=UTF-8', 'x-content-type-options': 'nosniff', 'content-length': '63', 'vary': 'Authorization', 'connection': 'Close', 'x-frame-options': 'SAMEORIGIN', 'server': 'Splunkd', 'status': '201'}, content: b'{"_key":"icon-check__e29f784a-31a2-4544-813f-efce24d5be32.svg"}' | |
| 01-30-2024 22:24:51.692 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" start saving to kvstore, name is icon-datastore__6267aa47-166b-4079-9801-df148e603b43.svg, type is image/svg+xml | |
| 01-30-2024 22:24:51.699 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" complete saving to kvstore, response: {'date': 'Tue, 30 Jan 2024 22:24:51 GMT', 'expires': 'Thu, 26 Oct 1978 00:00:00 GMT', 'cache-control': 'no-store, no-cache, must-revalidate, max-age=0', 'content-type': 'application/json; charset=UTF-8', 'x-content-type-options': 'nosniff', 'content-length': '67', 'vary': 'Authorization', 'connection': 'Close', 'x-frame-options': 'SAMEORIGIN', 'server': 'Splunkd', 'status': '201'}, content: b'{"_key":"icon-datastore__6267aa47-166b-4079-9801-df148e603b43.svg"}' | |
| 01-30-2024 22:24:51.700 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" start saving to kvstore, name is icon-cloud__b26f30f1-329e-4739-89ab-0a8a8bd24e7d.svg, type is image/svg+xml | |
| 01-30-2024 22:24:51.705 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" complete saving to kvstore, response: {'date': 'Tue, 30 Jan 2024 22:24:51 GMT', 'expires': 'Thu, 26 Oct 1978 00:00:00 GMT', 'cache-control': 'no-store, no-cache, must-revalidate, max-age=0', 'content-type': 'application/json; charset=UTF-8', 'x-content-type-options': 'nosniff', 'content-length': '63', 'vary': 'Authorization', 'connection': 'Close', 'x-frame-options': 'SAMEORIGIN', 'server': 'Splunkd', 'status': '201'}, content: b'{"_key":"icon-cloud__b26f30f1-329e-4739-89ab-0a8a8bd24e7d.svg"}' | |
| 01-30-2024 22:24:51.706 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" start saving to kvstore, name is icon-datacenter__13a43013-4b5b-4553-a035-ebcb43b0bbcb.svg, type is image/svg+xml | |
| 01-30-2024 22:24:51.713 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" complete saving to kvstore, response: {'date': 'Tue, 30 Jan 2024 22:24:51 GMT', 'expires': 'Thu, 26 Oct 1978 00:00:00 GMT', 'cache-control': 'no-store, no-cache, must-revalidate, max-age=0', 'content-type': 'application/json; charset=UTF-8', 'x-content-type-options': 'nosniff', 'content-length': '68', 'vary': 'Authorization', 'connection': 'Close', 'x-frame-options': 'SAMEORIGIN', 'server': 'Splunkd', 'status': '201'}, content: b'{"_key":"icon-datacenter__13a43013-4b5b-4553-a035-ebcb43b0bbcb.svg"}' | |
| 01-30-2024 22:24:51.713 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" start saving to kvstore, name is icon-desktop__65679a5e-ea9f-4dfc-9a72-e31b0f8b10ef.svg, type is image/svg+xml | |
| 01-30-2024 22:24:51.719 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" complete saving to kvstore, response: {'date': 'Tue, 30 Jan 2024 22:24:51 GMT', 'expires': 'Thu, 26 Oct 1978 00:00:00 GMT', 'cache-control': 'no-store, no-cache, must-revalidate, max-age=0', 'content-type': 'application/json; charset=UTF-8', 'x-content-type-options': 'nosniff', 'content-length': '65', 'vary': 'Authorization', 'connection': 'Close', 'x-frame-options': 'SAMEORIGIN', 'server': 'Splunkd', 'status': '201'}, content: b'{"_key":"icon-desktop__65679a5e-ea9f-4dfc-9a72-e31b0f8b10ef.svg"}' | |
| 01-30-2024 22:24:51.719 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" splunk-dashboard-icons collection is successfully updated :: True | |
| 01-30-2024 22:24:51.720 +0000 INFO ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk-dashboard-studio/bin/save_image_and_icon_on_install.py" /opt/splunk/etc/apps/splunk-dashboard-studio/kvstore_icon_status.conf is updated with {'default': {'uploadedVersion': '1.11.7'}} | |
| 01-30-2024 22:24:55.254 +0000 ERROR HttpListener [2037 TcpChannelThread] - Exception while processing request from 127.0.0.1:50552 for /servicesNS/nobody/splunk_instrumentation/storage/collections/data/instrumentation/instrumentation_deploymentID: Could not find object id=instrumentation trace="[0x0000559A720087AA] "? (splunkd + 0x197B7AA)";[0x0000559A723D4DE1] "_ZN16TcpChannelThread4mainEv + 385 (splunkd + 0x1D47DE1)";[0x0000559A734A4D4E] "_ZN6Thread37_callMainAndDiscardTerminateExceptionEv + 14 (splunkd + 0x2E17D4E)";[0x0000559A734A5C63] "_ZN6Thread8callMainEPv + 147 (splunkd + 0x2E18C63)";[0x00007F8F61D8A1CA] "? (libpthread.so.0 + 0x81CA)";[0x00007F8F61110E73] "clone + 67 (libc.so.6 + 0x39E73)"" | |
| 01-30-2024 22:24:55.277 +0000 INFO TelemetryHandler [2037 TcpChannelThread] - Telemetry Data Collection has been enabled for app=splunk_instrumentation for categories=License Usage. | |
| 01-30-2024 22:25:00.000 +0000 INFO ExecProcessor [1887 ExecProcessor] - setting reschedule_ms=60000, for command=/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/search/bin/quarantine_files.py | |
| 01-30-2024 22:25:02.354 +0000 ERROR ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/search/bin/quarantine_files.py" WARNING Quarantine files framework - enable_jQuery2 Toggle Disabled. Script duration 0.825s | |
| 01-30-2024 22:25:11.574 +0000 INFO TailReader [2017 tailreader0] - Batch input finished reading file='/opt/splunk/var/spool/splunk/tracker.log' | |
| 01-30-2024 22:25:21.655 +0000 ERROR ExecProcessor [1887 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/search/bin/quarantine_files.py" WARNING Quarantine files framework - enable_unsupported_hotlinked_imports Toggle Disabled. Script duration 20.125s |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment