Hi! I am new to Splunk. I just download the Splunk 4.1.4 tar file and untar on the host, What is the next step to configure Splunk on my Ubuntu Server.
Currently I am planning to configure splunk on ubuntu 10.4. Please sned me the documentation. Thanks.
I know its old, but you shouldnt be running splunk as root.
Install as a splunk user. Then if this issue arises, do.
Then as splunkuser
$ splunk start
one note I forgot to say... if you have splunk user in your system it'd be better to use "sudo -u splunk ..." to run under this user
before this command probably you will need to run "sudo chown -R splunk:splunk /opt/splunk" to change the owner from root to splunk
BTW, you do know Splunk is available in .deb package format, which Ubuntu can natively install being a derivative of debian?