Related Answers
Download topic as PDF
Known issues
This topic lists known issues that are specific to the universal forwarder. For information on fixed issues, see Fixed issues.
Universal forwarder issues
| Date filed | Issue number | Description |
|---|---|---|
| 2023-02-22 | SPL-236429 | Universal forwarder download for PPCLE kernel 3.0+ is unavailable for version 9.0.2, 9.0.3, 9.0.4 |
| 2022-11-18 | SPL-233100 | Splunk UF and Enterprise installations (including upgrades) may fail if the Windows Command Processor (cmd.exe) has an AutoRun script configured Workaround: Disable Windows AutoRun before installing the software.
|
| 2022-06-23 | SPL-226019 | Warning appears in the universal forwarder whenever any spl command is run: Warning: Attempting to revert the SPLUNK_HOME ownership Warning: Executing "chown -R splunk /opt/splunkforwarder". This warning is expected and will not affect functionality. |
| 2022-06-06 | SPL-225379 | Ownership of files mentioned in manifest file is splunk:splunk instead of root:root after enabling boot start as root user for initd Workaround: When changing UF user, manually chown SPLUNK_HOME to the new user, including first time install/upgrade, or manually enable boot-start. |
| 2022-05-16 | SPL-224264, SPL-224265 | Splunk UF not starting on Debian 11 (x86_64 and arm64) |
| 2022-05-13 | SPL-224167 | Splunk UF for CentOS-7 (ARM64) is not available Workaround: UF for CentOS7 ARM 64 will be available in the 9.0.1 maintenance release. |
| 2020-11-09 | SPL-197140, SPL-234386 | UF failed to start on Solaris 11.3 with error: "symbol in6addr_any: referenced symbol not found" Workaround: 1. Do not upgrade past Splunk 8.0.5 on Solaris 11.3 OR
2. Upgrade to Solaris 11.4 |
Last modified on 01 June, 2023
|
PREVIOUS Troubleshoot the universal forwarder |
NEXT Fixed issues |
This documentation applies to the following versions of Splunk® Universal Forwarder: 9.0.4
Feedback submitted, thanks!