Installation

Any pitfalls installing Splunk on Linux under a non-default directory?

ngiczi
Engager

Hi,

We have to install Splunk in a restricted environment. Our instance has to be run as non-root and it must be placed somewhere under /srv/. Thus Splunk installation directory will probably be /srv/splunk/.
Our question is regarding the installation directory: Do you see any pitfalls about installing Splunk under a non-default directory? If the answer is yes, please list any potential issues we could be faced with.

Thanks in advance.

Regards,
Norbert

Labels (1)
0 Karma
1 Solution

splunk_force_as
Path Finder

Nope, $SPLUNK_HOME is configurable meaning that you can install it any directory, really. Also, installing splunk as non-root is typically preferable and recommended. http://docs.splunk.com/Documentation/Splunk/latest/installation/RunSplunkasadifferentornon-rootuser

In your case $SPLUNK_HOME = srv/splunk/

  • Ensure that you have enough disk space.
  • Ensure that the designated non-root user owns $SPLUNK_HOME
  • Ensure that the user that owns the file can read and write to that directory. This is especially important for $SPLUNK_HOME/var/log/splunk.

View solution in original post

splunk_force_as
Path Finder

Nope, $SPLUNK_HOME is configurable meaning that you can install it any directory, really. Also, installing splunk as non-root is typically preferable and recommended. http://docs.splunk.com/Documentation/Splunk/latest/installation/RunSplunkasadifferentornon-rootuser

In your case $SPLUNK_HOME = srv/splunk/

  • Ensure that you have enough disk space.
  • Ensure that the designated non-root user owns $SPLUNK_HOME
  • Ensure that the user that owns the file can read and write to that directory. This is especially important for $SPLUNK_HOME/var/log/splunk.

View solution in original post

Did you miss .conf21 Virtual?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!