Installation
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

OS X tar ball install procedures?

yuanliu
SplunkTrust
SplunkTrust
‎05-09-2014 01:40 PM

The install guide says simply untar. But that doesn't set $SPLUNK_HOME, etc.

error "ERROR: $SPLUNK_HOME passed into osxManageSplunk.sh is not a valid directory (path=The Splunk installer will replace the contents of this file with a path to the Splunk installation, WITHOUT a newline at the end.
)." number 1

Given time, I can fix most of these, but the instruction should include how to run installer. I'm using OS X 10.9.2.

Labels (1)
Labels
Reply

sunilpanda023
Path Finder
‎04-19-2019 09:19 PM

Reason this happens is because of how OS x launch works due to content in
/Applications/splunk/bin/splunk.app/Contents/Resources/SPLUNK_HOME.path

you can edit the contents of SPLUNK_HOME.path to /Applications/splunk

it worked for me.

Reply

gsaldi
Engager
‎07-02-2023 07:22 PM

This worked!

0 Karma
Reply

yuanliu
SplunkTrust
SplunkTrust
‎05-09-2014 08:27 PM

Not really different. I untarred in my Download/, then moved splunk/ to my Applications/, all under my /User/ home. Why is it different? I had the "unrecognized developer" block on start, so I followed the Splunk instruction to allow an security exception by starting from Finder. The problem is perhaps in the Apple script that the Finder technique invokes.

0 Karma
Reply

yuanliu
SplunkTrust
SplunkTrust
‎05-09-2014 08:26 PM

Not really different. I untarred in my Download/, then moved splunk/ to my Applications/, all under my /User/ home. Why is it different? I had the "unrecognized developer" block on start, so I followed the Splunk instruction to allow an security exception by starting from Finder. I think the problem is perhaps in the Apple script that the Finder technique invokes.

0 Karma
Reply

lguinn2
Legend
‎05-09-2014 06:13 PM

No splunk installation sets $SPLUNK_HOME, as far as I know.

I have installed Splunk on MAC OS X dozens of times, using the tar ball. I do it like this using a terminal window:

cd /Applications
tar -xzf splunkinstallerfile.tgz
cd splunk/bin
./splunk start

Where splunkinstallerfile.tgz is the path to the tar ball that you downloaded. Once you have untarred the file, Splunk is installed. There is no installer to run.

What are you doing?

Here are the installation instructions from the manual http://docs.splunk.com/Documentation/Splunk/latest/Installation/InstallonMacOS#tar_file_install

0 Karma
Reply

lguinn2
Legend
‎05-09-2014 11:35 PM

Hmm, it sounds like you have different user permissions, etc. than my Mac. My user account that runs Splunk has read/write privileges for all the files in /Applications/splunk - and it obviously has the ability to write in /Applications as well. I never start or access Splunk from Finder.

0 Karma
Reply

yuanliu
SplunkTrust
SplunkTrust
‎05-09-2014 08:27 PM

Not really different. I untarred in my Download/, then moved splunk/ to my Applications/, all under my /User/ home. Why is it different? I had the "unrecognized developer" block on start, so I followed the Splunk instruction to allow an security exception by starting from Finder. The problem is perhaps in the Apple script that the Finder technique invokes.

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...