Deployment Architecture
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Install splunk forwarder on Linux server

aalhabbash1
Path Finder
‎05-18-2019 06:46 AM

Hi splunker;

When I install splunk forwarder version 7.2.6 on redhat server version 7.4 successfully installed, but the home directory like /etc and /root change permission from root to splunk, and this is not normal behavior, can anyone help me why this is occurred?

Best Regards;

0 Karma
Reply

Anonymous
Not applicable
‎05-21-2019 02:28 PM

What user did the install?

0 Karma
Reply

renjith_nair
Legend
‎05-18-2019 07:20 AM

@aalhabbash1,
Splunk does not change the ownership during installation. It's worth to check whether you have run a chown splunk:splunk after the installation and from which location the command was run. From what you have explained, it looks like the chown was run from / directory

---
What goes around comes around. If it helps, hit it with Karma 🙂
0 Karma
Reply

FrankVl
Ultra Champion
‎05-21-2019 06:27 AM

Indeed. Sounds like a mistake was made during the installation steps (or a faulty install script was used). Any further info on exactly how you did the installation could help give a more concrete answer.

0 Karma
Reply

mattymo
Splunk Employee
Splunk Employee
‎05-21-2019 01:55 PM

also be aware of Splunk and systemd interactions:

https://docs.splunk.com/Documentation/Splunk/7.2.6/Admin/RunSplunkassystemdservice

- MattyMo
0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...

Fun with Regular Expression - multiples of nine

Fun with Regular Expression - multiples of nineThis challenge was first posted on Slack #regex channel ...