Installation
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to install Splunk 6.2.2 on a Mac OS X?

xvxt006
Contributor
‎03-19-2015 08:20 PM

Hi,

I have downloaded latest Splunk version and in the installation, it says, double click on .dmg but after the download I got a .tgz file, extracted it and put it under Applications. What do I need to do next?

In the Launch pad, I saw an icon Splunk (other) and when i double clicked i got a pop-up:

"ERROR: $SPLUNK_HOME passed into osxManageSplunk.sh is not a valid directory (path=The Splunk installer will replace the contents of this file with a path to the Splunk installation, WITHOUT a newline at the end.
)."

I clicked ok but nothing happened. Can anyone suggest how to install? i have mac osx 10.10.2

Labels (1)
Labels
Tags (3)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

fdi01
Motivator
‎03-20-2015 01:40 AM

Command line install

Use the following instructions to install from a Terminal window.

Important: To install Splunk Enterprise on Mac OS X from the command line, you must use the root user, or elevate privileges using the sudo command. If you use sudo, your account must be an Admin-level account.

  1. To mount the dmg:

    sudo hdid splunk_package_name.dmg

The Finder mounts the disk image onto the desktop. The image is available under /Volumes/SplunkForwarder (note the space).

  1. To Install

    To the root volume:

    cd /Volumes/SplunkForwarder\
    sudo installer -pkg .payload/splunk.pkg -target /

Note: There is a space in the disk image's name. Use a backslash to escape the space or wrap the disk image name in quotes.

To a different disk of partition: 

cd  /Volumes/SplunkForwarder\ <version>
sudo installer -pkg .payload/splunk.pkg -target /Volumes\ Disk

Note: There is a space in the disk image's name. Use a backslash to escape the space or wrap the disk image name in quotes.

-target specifies a target volume, such as another disk, where Splunk will be installed in /Applications/splunk.

To install into a directory other than /Applications/splunk on any volume, use the graphical installer as described above.
tar file install

To install Splunk Enterprise on Mac OS X, expand the tar file into an appropriate directory using the tar command:

tar xvzf splunk_package_name.tgz

The default install directory is splunk in the current working directory. To install into /Applications/splunk, use the following command:

tar xvzf splunk_package_name.tgz -C /Applications

Note: When you install Splunk Enterprise with a tar file:

Splunk Enterprise does not create the splunk user automatically. If you want it to run as a specific user, you must create the user manually before installing.  Ensure that the disk partition has enough space to hold the uncompressed volume of the data you plan to keep indexed.

Start Splunk
run the following command from $SPLUNK_HOME/bin directory (where $SPLUNK_HOME is the directory into which you installed Splunk Enterprise):

sudo  ./splunk start

Launch Splunk Web and log in

After you start Splunk Enterprise and accept the license agreement,
1. In a browser window, access Splunk Web at

http://<hostname>:port
ex:
 http://localhost:8000
or
 http://127.0.0.1:8000
hostname is the host machine.
port is the port you specified during the installation (the default port is 8000).

you can do Graphical install it.

View solution in original post

Reply
Solved! Jump to solution

preactivity
Path Finder
‎05-15-2019 06:20 PM

You can try to download the dmg file from Splunk.com and double click on it to install. This is very easy step. I have installed the latest version of Splunk on Mac and I don't see any problems.

Please note that the latest version of Splunk requires us to create username and password during the installation whereas with Old versions we get default username and password with it (admin/changeme)

Download .dmg file from below location:

https://www.splunk.com/en_us/download/splunk-enterprise.html#tabs/macos

You can also follow the video on youtube.

https://www.youtube.com/watch?v=1wkmEvsUe68

0 Karma
Reply
Solved! Jump to solution

miteshvohra
Contributor
‎03-23-2015 12:49 AM

Here is what I use while installing Splunk 6.2.2 on Mac OS X (Yosemite 10.10.2):

#mvohra: tar -zxf ~/Downloads/splunk-6.2.2-255606-darwin-64.tgz -C ~/Applications; ~/Applications/splunk/bin/./splunk start --accept-license --auto-ports --no-prompt --answer-yes

Do share your experience so others reading this post can benefit.

Mitesh.

0 Karma
Reply
Solved! Jump to solution

xvxt006
Contributor
‎03-23-2015 05:27 AM

Mitesh, Thanks for the answer. Yes i have used those instructions and worked fine.

0 Karma
Reply
Solved! Jump to solution
Solution

fdi01
Motivator
‎03-20-2015 01:40 AM

Command line install

Use the following instructions to install from a Terminal window.

Important: To install Splunk Enterprise on Mac OS X from the command line, you must use the root user, or elevate privileges using the sudo command. If you use sudo, your account must be an Admin-level account.

  1. To mount the dmg:

    sudo hdid splunk_package_name.dmg

The Finder mounts the disk image onto the desktop. The image is available under /Volumes/SplunkForwarder (note the space).

  1. To Install

    To the root volume:

    cd /Volumes/SplunkForwarder\
    sudo installer -pkg .payload/splunk.pkg -target /

Note: There is a space in the disk image's name. Use a backslash to escape the space or wrap the disk image name in quotes.

To a different disk of partition: 

cd  /Volumes/SplunkForwarder\ <version>
sudo installer -pkg .payload/splunk.pkg -target /Volumes\ Disk

Note: There is a space in the disk image's name. Use a backslash to escape the space or wrap the disk image name in quotes.

-target specifies a target volume, such as another disk, where Splunk will be installed in /Applications/splunk.

To install into a directory other than /Applications/splunk on any volume, use the graphical installer as described above.
tar file install

To install Splunk Enterprise on Mac OS X, expand the tar file into an appropriate directory using the tar command:

tar xvzf splunk_package_name.tgz

The default install directory is splunk in the current working directory. To install into /Applications/splunk, use the following command:

tar xvzf splunk_package_name.tgz -C /Applications

Note: When you install Splunk Enterprise with a tar file:

Splunk Enterprise does not create the splunk user automatically. If you want it to run as a specific user, you must create the user manually before installing.  Ensure that the disk partition has enough space to hold the uncompressed volume of the data you plan to keep indexed.

Start Splunk
run the following command from $SPLUNK_HOME/bin directory (where $SPLUNK_HOME is the directory into which you installed Splunk Enterprise):

sudo  ./splunk start

Launch Splunk Web and log in

After you start Splunk Enterprise and accept the license agreement,
1. In a browser window, access Splunk Web at

http://<hostname>:port
ex:
 http://localhost:8000
or
 http://127.0.0.1:8000
hostname is the host machine.
port is the port you specified during the installation (the default port is 8000).

you can do Graphical install it.

Reply
Solved! Jump to solution

rsennett_splunk
Splunk Employee
Splunk Employee
‎03-20-2015 12:28 AM

The Mac OS build comes in two forms: a .dmg package and a tar file. Here are the instructions for the:

Graphical (basic) and command line installs using the DMG file and tar file install.

When you click on the big green "Free Splunk" button on the home page, and then select OSX you are given two choices. You've selected the tar file or .tgz (the second one). The first one is the .dmg

Given the confusion, it might be best to grab the .dmg and work with what you know.
If you are intrigued however, the doc contains step by step instructions regarding installing Splunk with the .tgz file.

With Splunk... the answer is always "YES!". It just might require more regex than you're prepared for!
0 Karma
Reply
Solved! Jump to solution

juvetm
Communicator
‎03-20-2015 12:15 AM

hi xvx006,
for more information on how to install the mac i will like you to check on the documentation
Splunk-6.1.1-Installation i think this may help you on how to do it
thanks

0 Karma
Reply
Solved! Jump to solution

rsennett_splunk
Splunk Employee
Splunk Employee
‎03-20-2015 12:30 AM

The current version of Splunk is 6.2.2

With Splunk... the answer is always "YES!". It just might require more regex than you're prepared for!
0 Karma
Reply
Solved! Jump to solution

ChrisG
Splunk Employee
Splunk Employee
‎03-20-2015 10:08 AM

http://docs.splunk.com/Documentation/Splunk/6.2.2/Installation/InstallonMacOS

0 Karma
Reply
Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...