Installation

Any pitfalls installing Splunk on Linux under a non-default directory?

ngiczi
Engager

Hi,

We have to install Splunk in a restricted environment. Our instance has to be run as non-root and it must be placed somewhere under /srv/. Thus Splunk installation directory will probably be /srv/splunk/.
Our question is regarding the installation directory: Do you see any pitfalls about installing Splunk under a non-default directory? If the answer is yes, please list any potential issues we could be faced with.

Thanks in advance.

Regards,
Norbert

Labels (1)
0 Karma
1 Solution

splunk_force_as
Path Finder

Nope, $SPLUNK_HOME is configurable meaning that you can install it any directory, really. Also, installing splunk as non-root is typically preferable and recommended. http://docs.splunk.com/Documentation/Splunk/latest/installation/RunSplunkasadifferentornon-rootuser

In your case $SPLUNK_HOME = srv/splunk/

  • Ensure that you have enough disk space.
  • Ensure that the designated non-root user owns $SPLUNK_HOME
  • Ensure that the user that owns the file can read and write to that directory. This is especially important for $SPLUNK_HOME/var/log/splunk.

View solution in original post

splunk_force_as
Path Finder

Nope, $SPLUNK_HOME is configurable meaning that you can install it any directory, really. Also, installing splunk as non-root is typically preferable and recommended. http://docs.splunk.com/Documentation/Splunk/latest/installation/RunSplunkasadifferentornon-rootuser

In your case $SPLUNK_HOME = srv/splunk/

  • Ensure that you have enough disk space.
  • Ensure that the designated non-root user owns $SPLUNK_HOME
  • Ensure that the user that owns the file can read and write to that directory. This is especially important for $SPLUNK_HOME/var/log/splunk.
Get Updates on the Splunk Community!

AppDynamics Summer Webinars

This summer, our mighty AppDynamics team is cooking up some delicious content on YouTube Live to satiate your ...

SOCin’ it to you at Splunk University

Splunk University is expanding its instructor-led learning portfolio with dedicated Security tracks at .conf25 ...

Credit Card Data Protection & PCI Compliance with Splunk Edge Processor

Organizations handling credit card transactions know that PCI DSS compliance is both critical and complex. The ...