Solved: Splunk forwarder on MacOS

americanadmin · ‎03-11-2019

Trying to install the splunk forwarder credentials is posing an issue on my system. The directions tell me to use a command that has ./splunk as part of the argument but terminal does not recognize that location. Are these credentials supposed to match their cloud component for the same ones that access the instances? The directions are not clear, they simply state to change the default. Also would like to see explicit uninstall commands as well.

nickhills · ‎03-15-2019

./splunk is "short-hand" for the splunk executable.
(more accurately $SPLUNK_HOME/bin/splunk)

On Unix, this is by default /opt/splunk/bin/splunk
On Windows it is c:\program files\splunk\bin\splunk
On MacOS it is /Applications/splunk/bin/splunk

If my comment helps, please give it a thumbs up!

View solution in original post

nickhills · ‎03-15-2019

./splunk is "short-hand" for the splunk executable.
(more accurately $SPLUNK_HOME/bin/splunk)

On Unix, this is by default /opt/splunk/bin/splunk
On Windows it is c:\program files\splunk\bin\splunk
On MacOS it is /Applications/splunk/bin/splunk

If my comment helps, please give it a thumbs up!

Splunk forwarder on MacOS

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

How to find the worst searches in your Splunk environment and how to fix them

Share Your Feedback: On Admin Config Service (ACS)!

Build the Future of Agentic AI: Join the Splunk Agentic Ops Hackathon

Join the Conversation