If Splunk KV Store Fails To Start/Restart

1. Check the KV store status using below command from bin directory -

./splunk show kvstore-status -auth <user_name>:<password>

2. Check for fully qualified domain name (FQDN) -

hostname --fqdn

3. Now, create a new SSL certificate using above FQDN -

./splunk createssl server-cert 3072 -d /opt/splunk/etc/auth -n server -c <FQDN>

4. Restart Splunk

5. Check the status of KV store now. It should be fine.