
Known issues
This topic lists known issues that are specific to the universal forwarder. For information on fixed issues, see Fixed issues.
Universal forwarder issues
Date filed | Issue number | Description |
---|---|---|
2023-02-22 | SPL-236429 | Universal forwarder download for PPCLE kernel 3.0+ is unavailable for version 9.0.2, 9.0.3, 9.0.4 |
2022-11-18 | SPL-233100 | Splunk UF and Enterprise installations (including upgrades) may fail if the Windows Command Processor (cmd.exe) has an AutoRun script configured Workaround: Disable Windows AutoRun before installing the software.
|
2022-06-23 | SPL-226019 | Warning appears in the universal forwarder whenever any spl command is run: Warning: Attempting to revert the SPLUNK_HOME ownership Warning: Executing "chown -R splunk /opt/splunkforwarder". This warning is expected and will not affect functionality. |
2022-06-06 | SPL-225379 | Ownership of files mentioned in manifest file is splunk:splunk instead of root:root after enabling boot start as root user for initd Workaround: When changing UF user, manually chown SPLUNK_HOME to the new user, including first time install/upgrade, or manually enable boot-start. |
2022-05-16 | SPL-224264, SPL-224265 | Splunk UF not starting on Debian 11 (x86_64 and arm64) |
2022-05-13 | SPL-224167 | Splunk UF for CentOS-7 (ARM64) is not available Workaround: UF for CentOS7 ARM 64 will be available in the 9.0.1 maintenance release. |
2020-11-09 | SPL-197140, SPL-234386 | UF failed to start on Solaris 11.3 with error: "symbol in6addr_any: referenced symbol not found" Workaround: 1. Do not upgrade past Splunk 8.0.5 on Solaris 11.3 OR
2. Upgrade to Solaris 11.4 |
Last modified on 01 June, 2023
PREVIOUS Troubleshoot the universal forwarder |
NEXT Fixed issues |
This documentation applies to the following versions of Splunk® Universal Forwarder: 9.0.4
Feedback submitted, thanks!