splunk centos7 firewalld

Install Splunk

Create a Splunk User

  • I created a user to run this application and created an application folder for the installation
# groupadd splunk
# useradd -d /opt/splunk -m -g splunk splunk
# su - splunk
  • Check whether the system is 32- or 64-bit
# getconf LONG_BIT
  • Download Splunk Enterprise from the download page, or fetch it with wget
# wget https://download.splunk.com/products/splunk/releases/7.0.0/linux/splunk-7.0.0-c8a78efdd40f-Linux-x86_64.tgz
# tar xvf splunk-7.0.0-c8a78efdd40f-Linux-x86_64.tgz
# cp -r splunk/ /opt
# chown -R splunk: /opt/splunk/

Firewall mods

  • Allow web access on TCP port 8000 and syslog on UDP port 5514
# firewall-cmd --zone=public --permanent --add-port=8000/tcp
# firewall-cmd --zone=public --permanent --add-port=5514/udp
  • Reload firewall
# firewall-cmd --reload
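  • Added example, not part of the original gist: a check that the public zone exposes exactly the two ports opened above and nothing else. The function name audit_ports and the sample listings are assumptions made for this example; the listing format is the space-separated output of firewall-cmd --list-ports.

```shell
#!/bin/sh
# Ports this guide opens: Splunk Web and the syslog input.
EXPECTED_PORTS="8000/tcp 5514/udp"

# audit_ports LISTING
#   LISTING: space-separated output of
#            firewall-cmd --zone=public --list-ports
#   Prints "missing <port>" or "unexpected <port>" per finding.
#   Returns 0 if LISTING matches EXPECTED_PORTS exactly, 1 otherwise.
audit_ports() {
    listing=$1
    status=0
    # Every expected port must be present in the listing.
    for want in $EXPECTED_PORTS; do
        case " $listing " in
            *" $want "*) ;;
            *) echo "missing $want"; status=1 ;;
        esac
    done
    # Anything else in the listing is exposure the guide did not ask for.
    for have in $listing; do
        case " $EXPECTED_PORTS " in
            *" $have "*) ;;
            *) echo "unexpected $have"; status=1 ;;
        esac
    done
    return $status
}

# Constructed sample listings (not captured from a real host).
SAMPLE_OK="8000/tcp 5514/udp"
SAMPLE_DRIFT="8000/tcp 8089/tcp"

# On a host with firewalld, audit both the runtime and the permanent
# configuration; they differ when --permanent was used without --reload.
if command -v firewall-cmd >/dev/null 2>&1; then
    echo "runtime:"
    audit_ports "$(firewall-cmd --zone=public --list-ports)" || true
    echo "permanent:"
    audit_ports "$(firewall-cmd --zone=public --permanent --list-ports)" || true
fi
```

Run it as root after the reload step; no findings under either heading means the zone matches the guide.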

Run Splunk

  • Start Splunk as the splunk user and accept the license
# su - splunk
$ cd bin/
$ ./splunk start --accept-license