Another instance is running

Post a different question
5
responses

Hello,

I have a problem with a nxlog collector for a SIEM Graylog. On the Graylog page the nxlog appears to be Failing. But on the collector the service looks like running :

root@:/var/run/nxlog# systemctl status nxlog
● nxlog.service - LSB: logging daemon
Loaded: loaded (/etc/init.d/nxlog; generated; vendor preset: enabled)
Active: active (running) since Tue 2021-12-21 15:33:07 CET; 1 day 19h ago
Docs: man:systemd-sysv-generator(8)
Process: 26310 ExecStop=/etc/init.d/nxlog stop (code=exited, status=0/SUCCESS)
Process: 26314 ExecStart=/etc/init.d/nxlog start (code=exited, status=0/SUCCESS)
CGroup: /system.slice/nxlog.service
└─26320 /usr/bin/nxlog

When I look into the internal logs for troubleshooting I have this :

root@:/var/run/nxlog# tail /var/log/nxlog/nxlog.log
2021-12-23 10:17:32 INFO configuration OK
2021-12-23 10:17:32 ERROR Another instance is already running (pid 26320);Resource temporarily unavailable
2021-12-23 10:17:33 ERROR Another instance is already running (pid 26320);Resource temporarily unavailable
2021-12-23 10:17:34 ERROR Another instance is already running (pid 26320);Resource temporarily unavailable
2021-12-23 10:17:35 ERROR Another instance is already running (pid 26320);Resource temporarily unavailable
2021-12-23 11:17:32 INFO configuration OK
2021-12-23 11:17:32 ERROR Another instance is already running (pid 26320);Resource temporarily unavailable
2021-12-23 11:17:33 ERROR Another instance is already running (pid 26320);Resource temporarily unavailable
2021-12-23 11:17:34 ERROR Another instance is already running (pid 26320);Resource temporarily unavailable
2021-12-23 11:17:35 ERROR Another instance is already running (pid 26320);Resource temporarily unavailable

root@:/var/run/nxlog# cat /var/run/nxlog/nxlog.pid
26320

root@BDXSVLG01:/var/run/nxlog# ps -aux |grep nxlog
root 4008 0.0 0.0 12776 980 pts/6 D+ 11:21 0:00 grep --color=auto nxlog
nxlog 26320 0.0 0.0 275248 224 ? Ssl déc.21 1:03 /usr/bin/nxlog

The service that is already running is the one with the right pid so I don't get where my problem comes from.

Thank you in advance for your help.

BR,
Paul

AskedDecember 23, 2021 - 11:25am

Comments (4)

  • PaulAPS's picture

    Hello Klevin,

    I don't actually know what is the second instance that is running.
    How can I see this for the modules ? When I try this command nothing about nxlog comes out :

    root@ :~# lsmod | grep nxlog

    Thank you,
    Paul

    January 3, 2022 - 9:47am
  • Klevin's picture
    (NXLog)

    Hello Paul,

    On the .conf file you are using please check the module names, in the following example the name is in .

    <Input in>
    Module  im_udp
    Host    0.0.0.0
    Port    514
    Exec    log_info("Message received on UDP port 514");
</Input>

    To see if any other nxlog service is running please run

    ps -A | grep nxlog

    Sincerely Klevin

    January 3, 2022 - 11:30am
  • PaulAPS's picture

    Hello Klevin,

    Thank you for you return.
    My problem is fixed it's okay, the issue was that I launched nxlog on the collector with root, so when Graylog was trying to launch it with nxlog user there was a conflict.

    The subject is closed, thank you again.

    BR,
    Paul

    January 5, 2022 - 2:24pm

Answer (1)