Here i have shown how to install Splunk.
You can download free version (upto 500MB/per day) of the Splunk from official website link.
Here already i have download , extracted and moved under /opt/ directory.
Goto splunk bin directory and start the splunk service with license agreement
[root@monitoring ]# cd /opt/splunk/bin
[root@monitoring bin]# ./splunk start --accept-license
This appears to be your first time running this version of Splunk.
Copying '/opt/splunk/etc/openldap/ldap.conf.default' to '/opt/splunk/etc/openldap/ldap.conf'.
Generating RSA private key, 1024 bit long modulus
............++++++
......++++++
e is 65537 (0x10001)
writing RSA key
Generating RSA private key, 1024 bit long modulus
..........................++++++
....................++++++
e is 65537 (0x10001)
writing RSA key
Moving '/opt/splunk/share/splunk/search_mrsparkle/modules.new' to '/opt/splunk/share/splunk/search_mrsparkle/modules'.
Splunk> Australian for grep.
Checking prerequisites...
Checking http port [8000]: open
Checking mgmt port [8089]: open
Checking appserver port [127.0.0.1:8065]: open
Checking kvstore port [8191]: open
Checking configuration... Done.
Creating: /opt/splunk/var/lib/splunk
Creating: /opt/splunk/var/run/splunk
Creating: /opt/splunk/var/run/splunk/appserver/i18n
Creating: /opt/splunk/var/run/splunk/appserver/modules/static/css
Creating: /opt/splunk/var/run/splunk/upload
Creating: /opt/splunk/var/spool/splunk
Creating: /opt/splunk/var/spool/dirmoncache
Creating: /opt/splunk/var/lib/splunk/authDb
Creating: /opt/splunk/var/lib/splunk/hashDb
Checking critical directories... Done
Checking indexes...
Validated: _audit _blocksignature _internal _introspection _thefishbucket history main summary
Done
New certs have been generated in '/opt/splunk/etc/auth'.
Checking filesystem compatibility... Done
Checking conf files for problems...
Done
All preliminary checks passed.
Starting splunk server daemon (splunkd)...
Generating a 1024 bit RSA private key
.....................++++++
...++++++
writing new private key to 'privKeySecure.pem'
-----
Signature ok
subject=/CN=monitoring/O=SplunkUser
Getting CA Private Key
writing RSA key
Done
[ OK ]
Waiting for web server at http://127.0.0.1:8000 to be available.... Done
If you get stuck, we're here to help.
Look for answers here: http://docs.splunk.com
The Splunk web interface is at http://monitoring:8000
Now go to the browser and type http://127.0.0.1:8000 or http://ipaddress:8000. my machine ip address 10.177.7.7.
You should change the password at the first time login of splunk.
After successful login you will get the Splunk dashboard
You can download free version (upto 500MB/per day) of the Splunk from official website link.
Here already i have download , extracted and moved under /opt/ directory.
Goto splunk bin directory and start the splunk service with license agreement
[root@monitoring ]# cd /opt/splunk/bin
[root@monitoring bin]# ./splunk start --accept-license
This appears to be your first time running this version of Splunk.
Copying '/opt/splunk/etc/openldap/ldap.conf.default' to '/opt/splunk/etc/openldap/ldap.conf'.
Generating RSA private key, 1024 bit long modulus
............++++++
......++++++
e is 65537 (0x10001)
writing RSA key
Generating RSA private key, 1024 bit long modulus
..........................++++++
....................++++++
e is 65537 (0x10001)
writing RSA key
Moving '/opt/splunk/share/splunk/search_mrsparkle/modules.new' to '/opt/splunk/share/splunk/search_mrsparkle/modules'.
Splunk> Australian for grep.
Checking prerequisites...
Checking http port [8000]: open
Checking mgmt port [8089]: open
Checking appserver port [127.0.0.1:8065]: open
Checking kvstore port [8191]: open
Checking configuration... Done.
Creating: /opt/splunk/var/lib/splunk
Creating: /opt/splunk/var/run/splunk
Creating: /opt/splunk/var/run/splunk/appserver/i18n
Creating: /opt/splunk/var/run/splunk/appserver/modules/static/css
Creating: /opt/splunk/var/run/splunk/upload
Creating: /opt/splunk/var/spool/splunk
Creating: /opt/splunk/var/spool/dirmoncache
Creating: /opt/splunk/var/lib/splunk/authDb
Creating: /opt/splunk/var/lib/splunk/hashDb
Checking critical directories... Done
Checking indexes...
Validated: _audit _blocksignature _internal _introspection _thefishbucket history main summary
Done
New certs have been generated in '/opt/splunk/etc/auth'.
Checking filesystem compatibility... Done
Checking conf files for problems...
Done
All preliminary checks passed.
Starting splunk server daemon (splunkd)...
Generating a 1024 bit RSA private key
.....................++++++
...++++++
writing new private key to 'privKeySecure.pem'
-----
Signature ok
subject=/CN=monitoring/O=SplunkUser
Getting CA Private Key
writing RSA key
Done
[ OK ]
Waiting for web server at http://127.0.0.1:8000 to be available.... Done
If you get stuck, we're here to help.
Look for answers here: http://docs.splunk.com
The Splunk web interface is at http://monitoring:8000
Now go to the browser and type http://127.0.0.1:8000 or http://ipaddress:8000. my machine ip address 10.177.7.7.
You should change the password at the first time login of splunk.
After successful login you will get the Splunk dashboard
No comments:
Post a Comment