Installation
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Any pitfalls installing Splunk on Linux under a non-default directory?

ngiczi
Engager
‎06-30-2016 09:13 PM

Hi,

We have to install Splunk in a restricted environment. Our instance has to be run as non-root and it must be placed somewhere under /srv/. Thus Splunk installation directory will probably be /srv/splunk/.
Our question is regarding the installation directory: Do you see any pitfalls about installing Splunk under a non-default directory? If the answer is yes, please list any potential issues we could be faced with.

Thanks in advance.

Regards,
Norbert

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

splunk_force_as
Path Finder
‎06-30-2016 09:36 PM

Nope, $SPLUNK_HOME is configurable meaning that you can install it any directory, really. Also, installing splunk as non-root is typically preferable and recommended. http://docs.splunk.com/Documentation/Splunk/latest/installation/RunSplunkasadifferentornon-rootuser

In your case $SPLUNK_HOME = srv/splunk/

  • Ensure that you have enough disk space.
  • Ensure that the designated non-root user owns $SPLUNK_HOME
  • Ensure that the user that owns the file can read and write to that directory. This is especially important for $SPLUNK_HOME/var/log/splunk.

View solution in original post

Reply
Solved! Jump to solution
Solution

splunk_force_as
Path Finder
‎06-30-2016 09:36 PM

Nope, $SPLUNK_HOME is configurable meaning that you can install it any directory, really. Also, installing splunk as non-root is typically preferable and recommended. http://docs.splunk.com/Documentation/Splunk/latest/installation/RunSplunkasadifferentornon-rootuser

In your case $SPLUNK_HOME = srv/splunk/

  • Ensure that you have enough disk space.
  • Ensure that the designated non-root user owns $SPLUNK_HOME
  • Ensure that the user that owns the file can read and write to that directory. This is especially important for $SPLUNK_HOME/var/log/splunk.

View solution in original post

Reply
Did you miss .conf21 Virtual?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!

Get Updates on the Splunk Community!