Splunk Enterprise

Starting splunk enterprise but keep getting Error code?

SamuraP
Engager

Good Morning I'm trying to download splunk and start it on my terminal but I keep getting this error code: 

Exception: <class 'PermissionError'>, Value: [Errno 13] Permission denied: '/opt/splunk/etc/system/local/eventtypes.conf.tmp'

PermissionError: [Errno 13] Permission denied: '/opt/splunk/etc/system/local/eventtypes.conf.tmp'

 

please help!

Labels (1)
0 Karma
1 Solution

gcusello
SplunkTrust
SplunkTrust

Hi @SamuraP ,

let me understand:

I suppose that you want to texecute Splunk as user Splunk 

as you can read at https://docs.splunk.com/Documentation/Splunk/9.0.4/Installation/InstallonLinux and https://docs.splunk.com/Documentation/Splunk/9.0.4/Installation/RunSplunkasadifferentornon-rootuser , the Splunk installation procedure on linux says:

  • copy files (using rpm or tar) on the system,
  • useradd splunk
  • groupadd splunk
  • chown -R splunk:splunk $SPLUNK_HOME
  • su - splunk
  • cd /opt/splunk/bin/
  • run ./splunk start --accept-license,
  • then at the end enable boot start using the command you used:  ./splunk enable boot-start -user Splunk

Did you followed this path?

Ciao.

Giuseppe

View solution in original post

0 Karma

SamuraP
Engager

I just did this and it works! But when I try to access Splunk instances by using my IP address from the AWS it doesn't work. This is the Command I'm trying http://<your public ip>:8000.

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @SamuraP ,

good for you, see next time!

Ciao and happy splunking

Giuseppe

P.S.: Karma Points are appreciated 😉

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @SamuraP,

a stupid question: did you disabled firewalld (iptables) from your system?

obviously I suppose that you checked that Splunk is running with "/opt/splunk/bin/splunk status"

Ciao.

Giuseppe

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @SamuraP,

could you describe the steps you did to arrive to this error?

Ciao.

Giuseppe

0 Karma

SamuraP
Engager

I did this command ./splunk enable boot-start -user Splunk. and then I accepted the license ut I guess since I had an old version it asked me if I wanted to upgrade and I said yes then it gave me the error. 

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @SamuraP ,

let me understand:

I suppose that you want to texecute Splunk as user Splunk 

as you can read at https://docs.splunk.com/Documentation/Splunk/9.0.4/Installation/InstallonLinux and https://docs.splunk.com/Documentation/Splunk/9.0.4/Installation/RunSplunkasadifferentornon-rootuser , the Splunk installation procedure on linux says:

  • copy files (using rpm or tar) on the system,
  • useradd splunk
  • groupadd splunk
  • chown -R splunk:splunk $SPLUNK_HOME
  • su - splunk
  • cd /opt/splunk/bin/
  • run ./splunk start --accept-license,
  • then at the end enable boot start using the command you used:  ./splunk enable boot-start -user Splunk

Did you followed this path?

Ciao.

Giuseppe

0 Karma
Get Updates on the Splunk Community!

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...

Cloud Platform & Enterprise: Classic Dashboard Export Feature Deprecation

As of Splunk Cloud Platform 9.3.2408 and Splunk Enterprise 9.4, classic dashboard export features are now ...