Home
Linux Introduction Linux Distributions Linux Commands Configure NTP Configure SSH Configure NFS Configure iSCSI Storage Configure Dnsmasq Configure FTP Server Configure LVM
Steps To Analyze Linux Performance Bottlenecks CPU Bottlenecks Memory Bottlenecks Disk Bottlenecks Network Bottlenecks
What is Devops? Devops Tools Configure Jenkins Configure Docker Configure Kubernetes Configure Puppet Configure Ansible Docker Commands Kubernetes Commands
Linux Automation using devops tools
Configure Nagios Configure Splunk
New Topics Privacy Policy About Contact Us
Computer man
Splunk

Splunk is an advanced, scalable, and effective technology that indexes and searches log files stored in a system. It analyzes the machine-generated data to provide operational intelligence. The main advantage of using Splunk is that it does not need any database to store its data, as it extensively makes use of its indexes to store the data.

Splunk is a software mainly used for searching, monitoring, and examining machine-generated Big Data through a web-style interface. Splunk performs capturing, indexing, and correlating the real-time data in a searchable container from which it can produce graphs, reports, alerts, dashboards, and visualizations. It aims to build machine-generated data available over an organization and is able to recognize data patterns, produce metrics, diagnose problems, and grant intelligence for business operation purposes. Splunk is a technology used for application management, security, and compliance, as well as business and web analytics.

Lets start to configure Splunk:-

Step:1 Download and Install Splunk Enterprise on CentOS 7 / RHEL
[root@server ~]# cd /tmp
[root@server ~]# sudo wget -O splunk-7.3.1-bd63e13aa157-linux-2.6-x86_64.rpm 'https://www.splunk.com/bin/splunk/DownloadActivityServlet?architecture=x86_64&platform=linux&version=7.3.1&product=splunk&filename=splunk-7.3.1-bd63e13aa157-linux-2.6-x86_64.rpm&wget=true'

Step:2 Install the splunk Enterprise using rpm command
[root@server ~]# rpm -ivh splunk-7.3.1-bd63e13aa157-linux-2.6-x86_64.rpm

Step:3 Enable Splunk at system startup.
[root@server ~]# /opt/splunk/bin/splunk enable boot-start
Splunk Software License Agreement 06.04.2019
Do you agree with this license? [y/n]: y

#Type Splunk Login administrator username, password and confirm password

Start the Splunk Service

[root@server ~]# systemctl start splunk

Now, Open web browser to access splunk web interface. We have to open firewall port 8000.

http://server_ip:8000
Type UserName and Password to login splunk web interface.
Once logged in you will see Splunk Dashboard.

Now, You are ready to use Splunk!
Please email me if you face any issue.

Name:

Email:

Comments:

views
PHP Hits Count