@amanualt
Last active December 20, 2021 12:59
splunk centos7 firewalld

Install Splunk

Create a Splunk User

  • I created a user to run this application and created an application folder for the installation
# groupadd splunk
# useradd -d /opt/splunk -m -g splunk splunk
# su - splunk
  • Check whether the system is 32-bit or 64-bit
# getconf LONG_BIT
  • Download Splunk Enterprise, either from the Splunk website or with wget
# wget https://download.splunk.com/products/splunk/releases/7.0.0/linux/splunk-7.0.0-c8a78efdd40f-Linux-x86_64.tgz
# tar xvf splunk-7.0.0-c8a78efdd40f-Linux-x86_64.tgz
# cp -r splunk/ /opt
# chown -R splunk: /opt/splunk/

Firewall mods

  • Allow web access on TCP port 8000 and syslog on UDP port 5514
# firewall-cmd --zone=public --permanent --add-port=8000/tcp
# firewall-cmd --zone=public --permanent --add-port=5514/udp
  • Reload firewall
# firewall-cmd --reload
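
To confirm that the reload left the public zone with the two ports opened above and nothing else, the check below audits the output of `firewall-cmd --zone=public --list-ports`. It is an added example, not part of the original gist; the function names and the sample output are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: audit the public zone after the firewall-cmd steps above.
# REQUIRED comes from this page; the helper names are hypothetical.
REQUIRED="8000/tcp 5514/udp"

# missing_ports "<list-ports output>" -> required ports that are not open
missing_ports() {
    local open=" $1 "
    local p out=""
    for p in $REQUIRED; do
        case "$open" in
            *" $p "*) ;;                 # exact token match, so 18000/tcp != 8000/tcp
            *) out="$out $p" ;;
        esac
    done
    echo "${out# }"
}

# extra_ports "<list-ports output>" -> open ports this guide never asked for
# (port ranges such as 8000-8010/tcp are reported as-is, not expanded)
extra_ports() {
    local p out=""
    for p in $1; do
        case " $REQUIRED " in
            *" $p "*) ;;
            *) out="$out $p" ;;
        esac
    done
    echo "${out# }"
}

# audit_zone "<list-ports output>": returns 1 if a required port is missing,
# 2 if only unexpected ports are open, 0 if the zone matches the guide.
audit_zone() {
    local miss extra
    miss=$(missing_ports "$1")
    extra=$(extra_ports "$1")
    [ -n "$miss" ] && { echo "missing: $miss"; return 1; }
    [ -n "$extra" ] && { echo "unexpected: $extra"; return 2; }
    echo "ok"
    return 0
}

# Constructed sample of `firewall-cmd --zone=public --list-ports` output.
SAMPLE="8000/tcp 5514/udp 8089/tcp"
# On a live host: audit_zone "$(firewall-cmd --zone=public --list-ports)"
audit_zone "$SAMPLE" || true
```

Only ports added with `--add-port` appear in `--list-ports`; entries opened through services are listed by `--list-services` and are outside this check.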

Run Splunk

  • Start Splunk as the splunk user and accept the license
# su - splunk
$ cd bin/
$ ./splunk start --accept-license