When I'm trying to install the splunkclouduf.spl file, I run into an error that a tmp directory doesn't exist. I got Splunk installed on one host just fine, with the exact same configuration (Amazon Linux, 2017.09.1.20180115). Nothing else is installed on these servers except the Splunk forwarder. I've tried on a third host, and got the same error:
[root@<hostname> ~]# /opt/splunkforwarder/bin/splunk install app splunkclouduf.spl -auth admin:changeme
Error during app install: failed to extract app from /root/splunkclouduf.spl to /opt/splunkforwarder/var/run/splunk/bundle_tmp/2d5c2511cc4a37f4: No such file or directory
I've tried changing /opt/splunkforwarder/var/run/splunk/bundle_tmp to 777 for testing, and that did not work.
... View more