Re: Is there a systemd unit file for Splunk? - Page 4

Yorokobi · ‎09-24-2012

systemd replaces SysV init scripts and some Linux distributions are migrating to or currently support systemd (such as Arch Linux). The traditional start-up script /etc/init.d/splunk (or /etc/rc.d/splunk) does not work in a pure systemd configuration, a unit file is required.

This thread is getting outdated. See the official documentation and additional information below:
- https://docs.splunk.com/Documentation/Splunk/7.2.6/Admin/RunSplunkassystemdservice
- https://docs.splunk.com/Documentation/Splunk/7.2.6/Workloads/Configuresystemd
- https://answers.splunk.com/answers/738877/splunk-systemd-unit-file-in-versions-722-and-newer.html
- https://www.duanewaddle.com/splunk-7-2-2-and-systemd/

mattymo · ‎08-22-2017

finally got around to trying this. worked nice! thx!

- MattyMo

Yorokobi · ‎12-21-2012

Good catch, sspencer. I expect these answers will change over time as systemd evolves.

sspencer_splunk · ‎12-16-2012

According to systemd docs, variables cannot be used as the first argument of the ExecStart, ExecStop, and/or ExecReload options. Systemd will not expand those variables. My testing agrees with the documentation. I had to restore the absolute path as shown in the top entry of this answer.

Yorokobi · ‎09-24-2012

To enable the unit file:
sudo systemctl enable splunkd

Is there a systemd unit file for Splunk?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Build the Future of Agentic AI: Join the Splunk Agentic Ops Hackathon

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

Splunk Community Badges!

Join the Conversation