Splunk Search

setup and search matters

HY
Explorer

What configuration/setup do I have to do in order to use Splunk on Red Hat Enterprise Linux? What is the reason why I can't search for anything like the top 10 processes by CPU, that kind of thing, and it shows no search results on Red Hat Enterprise Linux?

0 Karma

MarioM
Motivator

To install full Splunk on Red Hat, as per the documentation, here are the instructions:
RedHat RPM install:
Install on Linux

And for the universal forwarder:
Deploy a *nix universal forwarder manually

Then you need to install the Splunk for Unix and Linux app and go through the setup:
Splunk for Unix and Linux

0 Karma

Ayn
Legend

I think it's wiser to take the pains to go through the process of installing everything and learning about how it works in the process rather than taking a step-by-step list compiled by someone here. There is excellent documentation in the links MarioM provided.

0 Karma

HY
Explorer

I looked at all the instructions in all the links you provided for me, but I couldn't understand them. I would appreciate it if you could explain all the configurations needed for Linux, because I keep having problems with the search portion in Splunk.

0 Karma