Deployment Architecture

Splunk Install on Ubuntu 10.4

chennai
Explorer

Hi! I am new to Splunk. I just download the Splunk 4.1.4 tar file and untar on the host, What is the next step to configure Splunk on my Ubuntu Server.

Currently I am planning to configure splunk on ubuntu 10.4. Please sned me the documentation. Thanks.

Tags (1)
1 Solution

Vladimir
Path Finder

try to use sudo ./splunk start

View solution in original post

Vladimir
Path Finder

try to use sudo ./splunk start

neilhaywood
Engager

I know its old, but you shouldnt be running splunk as root.
Install as a splunk user. Then if this issue arises, do.

As Root:

chown -R splukuser:splunkuser /opt/splunk/

Then as splunkuser

$ splunk start

0 Karma

Vladimir
Path Finder

one note I forgot to say... if you have splunk user in your system it'd be better to use "sudo -u splunk ..." to run under this user
before this command probably you will need to run "sudo chown -R splunk:splunk /opt/splunk" to change the owner from root to splunk

ekoptilina
New Member

Thank you, Vladimir! I had the same problem with unability to create "/opt/splunk/etc/licenses/enterprise", your advice to use "sudo ./splunk start" helped!

0 Karma

allcapony
New Member

Hi, can any one tell me how do I install splunkforwarder?

0 Karma

Vladimir
Path Finder

If you are using debian/ubuntu:
- download deb package
- in terminal lanch: sudo dpkg -i splunk_package_name.deb

Shane
Explorer

splunk-4.1.5-85165-linux-2.6-intel.deb if you're using the 32 bit Ubuntu

John_Mark
Splunk Employee
Splunk Employee

Install the .deb. It works flawlessly on Ubuntu 10.04.

chennai
Explorer

Hi, what is exact package name so that I can use aptitude to Install it on my ubuntu server.

Genti
Splunk Employee
Splunk Employee

cd to the dir where you untared
cd splunk/bin/
./splunk start

Please read the installation docs found at: http://www.splunk.com/base/Documentation/latest/Installation/InstallonLinux

dwaddle
SplunkTrust
SplunkTrust

You might start at http://www.splunk.com/base/Documentation/latest/Installation/InstallonLinux followed by http://www.splunk.com/base/Documentation/latest/Installation/StartSplunkforthefirsttime

BTW, you do know Splunk is available in .deb package format, which Ubuntu can natively install being a derivative of debian?

chennai
Explorer

Thank you very much for you help. I will check it out.

0 Karma
Get Updates on the Splunk Community!

Transform your security operations with Splunk Enterprise Security

Hi Splunk Community, Splunk Platform has set a great foundation for your security operations. With the ...

Splunk Admins and App Developers | Earn a $35 gift card!

Splunk, in collaboration with ESG (Enterprise Strategy Group) by TechTarget, is excited to announce a ...

Enterprise Security Content Update (ESCU) | New Releases

In October, the Splunk Threat Research Team had one release of new security content via the Enterprise ...