Installation
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Any pitfalls installing Splunk on Linux under a non-default directory?

ngiczi
Engager
‎06-30-2016 09:13 PM

Hi,

We have to install Splunk in a restricted environment. Our instance has to be run as non-root and it must be placed somewhere under /srv/. Thus Splunk installation directory will probably be /srv/splunk/.
Our question is regarding the installation directory: Do you see any pitfalls about installing Splunk under a non-default directory? If the answer is yes, please list any potential issues we could be faced with.

Thanks in advance.

Regards,
Norbert

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

splunk_force_as
Path Finder
‎06-30-2016 09:36 PM

Nope, $SPLUNK_HOME is configurable meaning that you can install it any directory, really. Also, installing splunk as non-root is typically preferable and recommended. http://docs.splunk.com/Documentation/Splunk/latest/installation/RunSplunkasadifferentornon-rootuser

In your case $SPLUNK_HOME = srv/splunk/

  • Ensure that you have enough disk space.
  • Ensure that the designated non-root user owns $SPLUNK_HOME
  • Ensure that the user that owns the file can read and write to that directory. This is especially important for $SPLUNK_HOME/var/log/splunk.

View solution in original post

Reply
Solved! Jump to solution
Solution

splunk_force_as
Path Finder
‎06-30-2016 09:36 PM

Nope, $SPLUNK_HOME is configurable meaning that you can install it any directory, really. Also, installing splunk as non-root is typically preferable and recommended. http://docs.splunk.com/Documentation/Splunk/latest/installation/RunSplunkasadifferentornon-rootuser

In your case $SPLUNK_HOME = srv/splunk/

  • Ensure that you have enough disk space.
  • Ensure that the designated non-root user owns $SPLUNK_HOME
  • Ensure that the user that owns the file can read and write to that directory. This is especially important for $SPLUNK_HOME/var/log/splunk.
Reply
Register for .conf25!
Get Updates on the Splunk Community!

AppDynamics Summer Webinars

This summer, our mighty AppDynamics team is cooking up some delicious content on YouTube Live to satiate your ...

SOCin’ it to you at Splunk University

Splunk University is expanding its instructor-led learning portfolio with dedicated Security tracks at .conf25 ...

Credit Card Data Protection & PCI Compliance with Splunk Edge Processor

Organizations handling credit card transactions know that PCI DSS compliance is both critical and complex. The ...
Top