Re: Splunk RPM

ayushkmr08 · ‎08-25-2021

Hi,
We are using Splunk RPM package for installing splunk but before installing it we want to add some file to that package and repack it as RPM and then use it to install on other machines.

Anybody please help me on that ..

Thanks In Advance

ephemeric · ‎08-25-2021

Sounds like https://en.wikipedia.org/wiki/XY_problem

ephemeric · ‎08-25-2021

May we know what file this is? I would recommend against unpacking and repacking the rpm as pointed out.

One can build a rpm but the process is complicated and *.spec files are convoluted at best.

If I know the file you wish to include, which should be deployed via some other mechanism like Ansible, Chef, Puppet, I can offer advice.

You can do a script with the rpm inline as an option.

codebuilder · ‎08-25-2021

You can download the tarball and extract it, add your files, then re-build that as an RPM. The catch will be that your "new" RPM won't pass the hash checking by yum or dnf so you would have to override that.

----
An upvote would be appreciated and Accept Solution if it helps!

ayushkmr08 · ‎08-25-2021

@codebuilder Can you please elaborate the process. I am able to extract the RPM package but not sure how to rebuild or repack it as RPM

codebuilder · ‎08-25-2021

You would use rpmbuild to create a new package, but what are exactly are you trying to accomplish?
There's likely a much easier solution than trying to re-package Splunk.

----
An upvote would be appreciated and Accept Solution if it helps!

Splunk RPM

installation

upgrade

using Splunk Enterprise

See Splunk Platform & Observability Innovations at Cisco Live EMEA

The OpenTelemetry Certified Associate (OTCA) Exam

From Manual to Agentic: Level Up Your SOC at Cisco Live

Join the Conversation