Ben's notes

Linux, Unix, network, radio...


Splunk - CentOS7 installation

Install and configure OS

  • Create a virtual machine.
  • Configure network:
    su - root
    hostnamectl set-hostname <enter fqdn>
    nmcli c edit <uuid>
    # set ipv4 address and gateway
    nmcli> set ipv4.addresses
    # set DNS
    nmcli> set ipv4.dns
    nmcli> set ipv4.dns-search
    # set autoconnect
    nmcli> set connection.autoconnect yes
    # save and activate
    nmcli> save
    nmcli c up 'System p4p1'
  • Configure yum repos.
  • Configure time sync (chrony).

Install and configure Splunk

  • Download Splunk rpm.
  • Create splunk user:
    groupadd splunk
    useradd -d /opt/splunk -m -g splunk splunk
  • Install Splunk:
    rpm -i splunk-6.2.1-245427-linux-2.6-x86_64.rpm
  • Accept license:
    /opt/splunk/bin/splunk start --accept-license
  • Create systemd service /usr/lib/systemd/system/splunk.service with these directives in its [Service] section:
    ExecStart=/opt/splunk/bin/splunk start
    ExecStop=/opt/splunk/bin/splunk stop
    ExecReload=/opt/splunk/bin/splunk restart
  • Enable auto start at boot:
    systemctl enable splunk
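
Added example (not part of the original notes): a complete splunk.service built around the three Exec lines above. The [Unit] and [Install] sections, Type=forking, and User=/Group=splunk are assumptions added here so that the unit can be enabled and so that splunkd runs as the splunk account created earlier instead of root.

```ini
# splunk.service (added example, see assumptions in the lead-in)
[Unit]
Description=Splunk Enterprise
After=network.target

[Service]
# "splunk start" launches splunkd in the background and returns,
# so systemd has to treat the service as forking.
Type=forking
# Least privilege: without User=, systemd starts the service as root.
# If Splunk was already started once as root, restore ownership first:
#   chown -R splunk:splunk /opt/splunk
User=splunk
Group=splunk
ExecStart=/opt/splunk/bin/splunk start
ExecStop=/opt/splunk/bin/splunk stop
ExecReload=/opt/splunk/bin/splunk restart

[Install]
# Required for "systemctl enable splunk" to create the boot-time symlink.
WantedBy=multi-user.target
```

Run systemctl daemon-reload after creating or changing the file. After starting the service, ps -o user= -C splunkd should print splunk, not root.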
splunk_centos7.txt · Last modified: 2021/10/09 15:14 by