I am trying to start splunk on a server running RH5, and get the belowmessage re: selinux. I have tried adding the line:
in the file opt/splunk/etc/splunk-launch.conf, but I still get the message. Any suggestions?
Splunk> Take the sh out of IT.
Checking prerequisites... Checking http port : open Checking mgmt port : open Checking configuration... Done. Checking index directory... Done. Checking databases... Validated databases: _audit, _blocksignature, _internal, _thefishbucket, history, main, sample, splunklogger, summary Checking for SELinux.
Command error: Splunk will not run with SELinux enabled. If you have adjusted Splunk's security level with chcon, you can bypass this check by setting the 'SPLUNK_IGNORE_SELINUX' environment variable.
Don't forget to also set SELINUX to allow Splunk to operate properly. Here are my notes (very similar to the Splunk Docs btw) on how to do this on RHEL5:
Also, dont forget to check other threads you open about the same topic 😉