Solved: How to install *Nix app

djfisher · ‎10-09-2013

Hi gang,
I have been trying to install the newer Splunk App for Unix and Linux (5.0.0) on my Splunk recievers. I tried "upgrading" the Nix 4.6 and also tried to install it by itself. The download file from Splunk is a zip file, I was expecting a .tgz file. When I try to install or upgrade from the Splunk GUI, it just gives me a /etc ? app. This directory called etc does get loaded under /opt/splunk/etc/apps. I am not sure how to get this to work. I have NIX 4.6 working fine and have the Splunk_TA_nix running fine on my forwarders.

I am running Splunk 6.0 on my receivers and forwarders.

cramasta · ‎10-09-2013

You need to extract the contents of the zip. You cant install it directly or you will see the /etc app listed.

The instructions are listed here

http://docs.splunk.com/Documentation/UnixApp/5.0/User/InstalltheSplunkAppforUnixandLinux

View solution in original post

ww9rivers · ‎12-13-2013

I have had the same problem.

Turns out: The Splunk for *NIX app version 5.0.0 is broken.

The fix is to install version 5.0.1 -- You may have to manually delete the "...etc/apps/etc" folder.

I realize this is an old posting, but still want to point out the problem with 5.0.0.

cramasta · ‎10-09-2013

You need to extract the contents of the zip. You cant install it directly or you will see the /etc app listed.

The instructions are listed here

http://docs.splunk.com/Documentation/UnixApp/5.0/User/InstalltheSplunkAppforUnixandLinux

How to install *Nix app

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Automating Threat Operations and Threat Hunting with Recorded Future

Join the Conversation