Splunk is a cross-platform application; it can be installed on any OS such as Windows, Linux, Unix, Mac, etc. We all know Windows is very user-friendly and easy to use, unlike Linux/Unix. Linux/Unix is used for commercial purposes, so we are going to learn how Splunk can be installed in a Linux environment using commands.
Turn on your Linux server and open the terminal by right-clicking on the desktop.
Go to /opt directory
# cd /opt
Now, go to the following link
You need to create an account. Then fill all the details as shown below.
After filling in all the details, click to agree to the Splunk Software Licence Agreement and proceed to create your account.
After that you will get an option to download Splunk Enterprise for your environment. In our case we have to download for Linux, so click on the Linux tab and download the .tgz file.
[ Note : We can also download .rpm or .deb based on the Linux distribution we are working on ]
You will then reach your download page; click on Download via Command Line (wget).
You will get a wget URL; copy the URL.
Now open your Linux terminal and type
#yum install wget
It will install the wget command from the yum repository; wget basically downloads content from a given URL in Linux.
Now we will download Splunk using URL through wget command which we copied from the Splunk website (last column of Step 2)
#wget -O splunk-8.0.1-6db836e2fb9e-Linux-x86_64.tgz 'https://www.splunk.com/bin/splunk/DownloadActivityServlet?architecture=x86_64&platform=linux&version=8.0.1&product=splunk&filename=splunk-8.0.1-6db836e2fb9e-Linux-x86_64.tgz&wget=true'
Now the download of the splunk-8.0.1-6db836e2fb9e-Linux-x86_64.tgz file will start; wait until it completes.
After the download is completed, go to the /opt directory
# cd /opt
and check whether the splunk-8.0.1-6db836e2fb9e-Linux-x86_64.tgz file is available. If it was downloaded, you will see it in the /opt directory.
Now we have to untar splunk-8.0.1-6db836e2fb9e-Linux-x86_64.tgz
#tar -xvzf splunk-8.0.1-6db836e2fb9e-Linux-x86_64.tgz
Now we have to install Splunk and accept the licence automatically.
Go to /opt/splunk/bin directory and type
#./splunk start --accept-license
After doing this it will ask for a username and password; set your own username and password and go ahead.
Now, after successfully installing Splunk, check the status of the installation to see whether it is working.
Go to /opt/splunk/bin directory and write :
It will show splunkd is running. It means installation of Splunk is successfully completed.
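A check worth running between the download and untar steps above, as an added example that is not part of the original tutorial: it compares the archive's SHA-512 with a value you supply and refuses to extract if any member falls outside the expected splunk/ top-level directory. The expected digest is assumed to come from the vendor over a trusted channel (none is given on this page); the function names and the constructed demo archive are illustrative.

```shell
#!/bin/sh
# Added example, not part of the original tutorial: check the downloaded
# archive before unpacking it as root under /opt.

# sha512_matches FILE EXPECTED_HEX: succeeds only if the digests are equal.
sha512_matches() {
    actual=$(sha512sum "$1" | awk '{print $1}')
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -n "$actual" ] && [ "$actual" = "$expected" ]
}

# names_safe TOPDIR: reads member names on stdin; fails on an empty list,
# an absolute path, a ".." component, or a name outside TOPDIR/.
names_safe() {
    awk -v top="$1" '
        /^\// || /(^|\/)\.\.(\/|$)/ { bad = 1 }
        $0 != top && $0 != top "/" && index($0, top "/") != 1 { bad = 1 }
        END { exit (bad || NR == 0) }'
}

# verify_then_extract FILE EXPECTED_HEX TOPDIR DESTDIR
# Extracts only when the checksum and every member path pass.
verify_then_extract() {
    sha512_matches "$1" "$2" || { echo "checksum mismatch: $1" >&2; return 1; }
    names=$(tar -tzf "$1") || { echo "unreadable archive: $1" >&2; return 1; }
    printf '%s\n' "$names" | names_safe "$3" ||
        { echo "unexpected member path in $1" >&2; return 1; }
    tar -xzf "$1" -C "$4"
}

# Demo on a constructed archive standing in for the Splunk .tgz. In real use
# EXPECTED_HEX is the vendor-published value, never computed from the file.
demo() {
    work=$(mktemp -d) || return 1
    mkdir -p "$work/src/splunk/bin" "$work/dest"
    echo '#!/bin/sh' > "$work/src/splunk/bin/splunk"
    tar -czf "$work/sample.tgz" -C "$work/src" splunk
    sum=$(sha512sum "$work/sample.tgz" | awk '{print $1}')
    verify_then_extract "$work/sample.tgz" "$sum" splunk "$work/dest"
}
demo && echo "verified and extracted"
```

For the archive in this tutorial the call would take the form verify_then_extract splunk-8.0.1-6db836e2fb9e-Linux-x86_64.tgz EXPECTED_SHA512 splunk /opt, with EXPECTED_SHA512 as a placeholder for the published digest.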
NOTE: WE CAN ALSO USE COMMAND TO STOP SPLUNK IN LINUX SERVER THAT IS ALSO GIVEN BELOW.
Hope you have understood the simple and very important process of installing Splunk on a Linux server.
Happy Splunking !!