Splunk Enterprise is the leading platform for real-time operational intelligence and for troubleshooting application problems, and it helps you explore, visualize and monitor big data in Splunk. It is built in Python (front end) and C/C++ (back end). Splunk Cloud also provides a free Splunk Enterprise license for 60 days (500 Mb per day) as a subscription service. Installing Splunk on Linux is easy; follow the steps below:
Here we are using a remote Linux instance already set up on Amazon AWS, so we will use the PuTTY tool to access that instance.
Step 1 : Enter the IP address of your AWS instance, then hit Open.
Step 2 : Now log in as ec2-user and then change the password for the root user.
Step 3 : Now we are going to create a new Linux user named splunk.
(Make sure you are the root user.)
useradd <username>
passwd <username>
Step 4 : Create a new group named splunk.
The following commands create the group and add the user to it:
groupadd <groupname>
usermod -a -G <groupname> <username>
Step 5 : Now download the Splunk Enterprise package to the Linux instance from splunk.com.
Select the wget option and copy the path it gives to download the application.
Step 6 : Now extract and install the compressed package. Go into the /opt directory.
• Enter the following command.
rpm -ivh SPLUNKINSTALLATION.rpm
• Change ownership from root to splunk.
chown -R splunk:splunk /opt/splunk/
• Change to the splunk user.
sudo su splunk
• Start Splunk as the splunk user.
• Accept the license agreement.
• Set the Splunk web password.
Step 7 : Log in to Splunk Enterprise using the username and password set during setup.
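A post-install check for the steps above, as an added example that is not part of the original page: it confirms that nothing under /opt/splunk is still owned by another account after the chown, and that the Splunk daemon is not running as root. The function names are hypothetical; the path /opt/splunk and the account splunk come from the steps above, and the daemon process name splunkd is an assumption.

```shell
#!/bin/sh
# Added example: post-install check for the procedure above.
# Assumed from the page: install path /opt/splunk, service account "splunk".
# Assumed here: the daemon's process name is "splunkd".

# Print every path under DIR that is NOT owned by USER (name or numeric uid).
# Returns 2 if USER is a name that does not exist, so a typo cannot pass as clean.
foreign_owned() {
    dir=$1 user=$2
    case $user in
        ''|*[!0-9]*) id -u "$user" >/dev/null 2>&1 || return 2 ;;
    esac
    find "$dir" ! -user "$user" -print
}

# Read "user command" lines (from: ps -e -o user= -o comm=) on stdin and
# print the distinct accounts that run splunkd.
splunkd_users() {
    awk '$2 == "splunkd" { print $1 }' | sort -u
}

# Run both checks. Returns 0 only when no file is owned by, and no splunkd
# process runs as, an account other than USER.
check_install() {
    home=$1 user=$2 rc=0
    stray=$(foreign_owned "$home" "$user")
    if [ $? -eq 2 ]; then echo "unknown user: $user"; return 2; fi
    if [ -n "$stray" ]; then
        echo "not owned by $user:"; echo "$stray"; rc=1
    fi
    for u in $(ps -e -o user= -o comm= | splunkd_users); do
        [ "$u" = "$user" ] || { echo "splunkd is running as $u"; rc=1; }
    done
    return $rc
}

# Run only on a host where the install path exists.
if [ -d /opt/splunk ]; then
    check_install /opt/splunk splunk
fi
```

Run it as root so that find can read the whole tree. Root-owned files under /opt/splunk usually mean Splunk was started once as root before the switch to the splunk user.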