I have an indexer RHEL7 server that is DEAD.  I have no way of getting into it to run any commands.  I was able to remove it from the Index Cluster using:  splunk remove cluster-peers -peers <guid>  However, it is still in the Monitoring Console as an instance unreachable.  How can I fully remove it? ... View more

Brand news servers. Not receiving all data from the UF. Confirmed connectivity. Confirmed inputs via "/opt/splunkforwarder/bin/splunk btool inputs list | grep bc_ | grep "\["", Only getting 2 sourcetypes when there should be at least 16 for the index. Getting this error message: Invalid key in stanza [webhook] in /opt/splunkforwarder/etc/system/default/alert_actions.conf, line 229: enable_allowlist (value: false). Getting this when starting splunkd: Splunk> Take the sh out of IT.   Checking prerequisites...         Management port has been set disabled; cli support for this configuration is currently incomplete.         Checking conf files for problems...                 Invalid key in stanza [webhook] in /opt/splunkforwarder/etc/system/default/alert_actions.conf, line 229: enable_allowlist (value: false).                 Your indexes and inputs configurations are not internally consistent. For more information, run 'splunk btool check --debug'         Done         Checking default conf files for edits...         Validating installed files against hashes from '/opt/splunkforwarder/splunkforwarder-9.0.3-dd0128b1f8cd-linux-2.6-x86_64-manifest'         All installed files intact.         Done All preliminary checks passed.   Starting splunk server daemon (splunkd)... Done ... View more