Deployment Architecture
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Where is splunk installed on Linux?

vishal_bandavad
Explorer
‎11-17-2014 02:20 PM

I am trying to create a package for my app. I am using a linux server where splunk is installed. as i got the information from this portal, i open the directory /opt/splunk/etc/apps/framework and execute the command ./splunkdj package App_name. when i execute the command, it asks me Where is Splunk installed (version 5.0 or later is required)? []:

I am confused which path i should give here. I tried using the path $splunk_home$/bin , but no luck. Please suggest

Tags (3)
0 Karma
Reply

dkolekar_splunk
Splunk Employee
Splunk Employee
‎01-31-2020 04:56 AM

You need to to the Home path of the Splunk it is located in /opt/Splunk and you need to execute all the scripts in the /opt/splunk/bin ./splunk package name.
the home path is always referred to /opt/splunk or where ever the splunk is been installed.

0 Karma
Reply

pandaaji
New Member
‎04-11-2022 03:02 AM

not working

 

0 Karma
Reply

bandit
Motivator
‎01-08-2020 11:38 AM

This should identify locations of Splunk Enterprise or Splunk Universal Forwarders. I've only tested on Linux.

# using locate command (very fast if available)
locate --regex "splunk(forwarder)?/var/log/splunk/splunkd.log$" | awk -F "/var" '{print $1}'

# using find command
find / -type f -name "splunkd.log" 2>/dev/null | awk -F "/var" '{print $1}'
Reply

aljohnson_splun
Splunk Employee
Splunk Employee
‎11-17-2014 02:43 PM

Since you said you open /opt/splunk/etc/apps/framework, I assume the path you're looking for is just /opt/splunk. Normally $SPLUNK_HOME is set to the root splunk directory.

You could also try to do

echo $splunk_home

or

echo $SPLUNK_HOME

to see if those bash variables are acutally set (they are case sensitive).

Reply

skender27
Contributor
‎07-22-2015 09:06 AM

I resolved it this way (Debian OS):

ls -la
remove the .splunkhome file
run again ./splunkdj setup
insert /opt/splunk when asked where is installed Splunk.

Skender K.

0 Karma
Reply

somesoni2
Revered Legend
‎11-17-2014 03:51 PM

Go to path /opt/splunk/bin and then execute ./splunk package App_name OR simple just execute /opt/splunk/bin/splunk package App_name

Reply

vishal_bandavad
Explorer
‎11-17-2014 02:49 PM

Thanks , i tried with /opt/splunk , but i am getting the message that "/opt/splunk is directory , please give valid path" when i checked with echo $SPLUNK_HOME , i am getting blank response.

0 Karma
Reply

MuS
Legend
‎11-17-2014 02:54 PM

Try 

/opt/splunk/bin/splunk envvars

To get $SPLUNK_HOME

Reply
Get Updates on the Splunk Community!

.conf25 Community Recap

Hello Splunkers, And just like that, .conf25 is in the books! What an incredible few days — full of learning, ...

Splunk App Developers | .conf25 Recap & What’s Next

If you stopped by the Builder Bar at .conf25 this year, thank you! The retro tech beer garden vibes were ...

Congratulations to the 2025-2026 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...