Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Solaris install without root

drkduncan
Engager
‎03-29-2012 12:08 PM

This has probably already been asked, so please forgive me for duplicating. I am trying to install the splunk forwarder on a Solaris machine via CLI (Tar.Z package) and was wondering if there is any possible way to install it without root.

I am trying to set up a POC, but only SA's have root access. Not the application developers.

I know that once it is installed you can run as another user, but it looks like you have to be root to even get there.

Reply
1 Solution
Solved! Jump to solution
Solution

mwhite_splunk
Splunk Employee
Splunk Employee
‎03-29-2012 01:29 PM

When you untar the file, be sure you are untarring it an area where you have read/write permissions. Additionally, since Splunk runs on non-privileged ports, it should operate with no issues. The issue you are going to run into is that you will not be able to read the syslogs as a standard user. However, as an application developer, if you are running a sandboxed application, you direct those logs into your Splunk instance with no issues.

View solution in original post

Reply
Solved! Jump to solution
Solution

mwhite_splunk
Splunk Employee
Splunk Employee
‎03-29-2012 01:29 PM

When you untar the file, be sure you are untarring it an area where you have read/write permissions. Additionally, since Splunk runs on non-privileged ports, it should operate with no issues. The issue you are going to run into is that you will not be able to read the syslogs as a standard user. However, as an application developer, if you are running a sandboxed application, you direct those logs into your Splunk instance with no issues.

Reply
Solved! Jump to solution

drkduncan
Engager
‎03-29-2012 02:00 PM

You would think that after working on Solaris boxes for 5 years, and *nix for another 6 before that I would think to check the arch the package was compiled for.

For future reference, if you extract the x86_64 package and try to run it on a sparc box, it wont work.

I am wearing a dunce hat now.....

Thanks for the answer - it works when you use the right files....

0 Karma
Reply
Solved! Jump to solution

dwaddle
SplunkTrust
SplunkTrust
‎03-29-2012 01:10 PM

If you're using the tarball - regardless of Unix OS - then you can run a forwarder under that user. The forwarder will only have access to read files that is equivalent to the user running it. You should be able to simply untar the forwarder .tgz into a directory and launch it.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Mile High Learning with Splunk University, Denver, Colorado

If Denver is known for its mile-high elevation, Splunk University is about to raise the bar on technical ...

IT Service Intelligence 5.0 Series: Your Guide to the June Launch

We are excited to announce the June release of Splunk IT Service Intelligence (ITSI) 5.0. This update ...

Agent Mode Engaged! Enchaining Agentic Operations with Splunk AI Assistant 2.0

    Are you ready to transform how your team handles complex data requests? We invite you to our upcoming ...