Sidecar troubleshooting
If an issue with a sidecar occurs, try one or more of the following steps:
- Check the sidecar configuration and modify settings, if necessary.
- Restart sidecars.
- If the issue still occurs, generate a diagnostic (diag) file and send it to Splunk support for further assistance in troubleshooting the issue. To learn more about a diagnostic file, see Generate a diagnostic file.
Sidecar issues can also arise from network problems, such as firewall, proxy, or DNS settings, which may lead to connection or data ingestion errors.
Troubleshoot with log files
The logs that the supervisor and sidecars generate are saved in the $SPLUNK_HOME/var/log/splunk directory. The following list presents the logs and data that they capture.
Note: By generating a diagnostic (diag) file, you can retrieve data from stdout log files.
| Log file name | Description |
|---|---|
| supervisor.log | Logs from the supervisor about the supervisor itself, sidecar lifecycle and health, and endpoint registration. |
| sup-pkg-identity-stdout.log | System logs for the SCIM sidecar. |
| sup-pkg-agent-manager-stdout.log | System logs for the Agent Management sidecar. |