본문 바로가기
2014.10.31 14:10

Installing Splunk on CentOS

조회 수 7278 추천 수 0 댓글 0
?

단축키

Prev이전 문서

Next다음 문서

+ - Up Down Comment Print Files
?

단축키

Prev이전 문서

Next다음 문서

+ - Up Down Comment Print Files

Installing Splunk on CentOS


1. download the latest version of splunk from:

http://www.splunk.com/download

01.png 02.png


2. Install splunk

rpm -i splunk-6.2.0-237341-linux-2.6-x86_64.rpm


3. Start splunk

/opt/splunk/bin/splunk start --accept-license

/opt/splunk/bin/splunk enable boot-start


4. Set PATH with the splunk bin directory

echo 'SPLUNK_HOME=/opt/splunk' >> ~/.bashrc

echo 'export PATH=$PATH:$SPLUNK_HOME/bin/' >> ~/.bashrc

source ~/.bashrc


5. Allow port 8000 and 8089 through iptables

iptables -I INPUT 2 -p tcp -m state --state NEW -m tcp --dport 8000 -j ACCEPT

iptables -I INPUT 3 -p tcp -m state --state NEW -m tcp --dport 8089 -j ACCEPT

/etc/init.d/iptables save

/etc/init.d/iptables restart


6. Go to web interface with 8000 port and login with default user credentials

admin/changeme

03.png 04.png 05.png


7. Change minimum disk size for indexing

06.png 07.png 08.png


8. Add TCP/UDP listener for syslog

09.png 10.png

- set port 514 for syslog


9. Configure syslog-ng to send data to Splunk


vi /etc/rsyslog.conf

------------------8<--------------------

# send to splunk

*.* @@127.0.0.1

------------------8<--------------------

service rsyslog restart


10. Test with logger

logger "my little pony"

11.png


11. Allow TCP/UDP port 514 for remote hosts

iptables -I INPUT 2 -p udp --dport 514 -j ACCEPT

iptables -I INPUT 3 -p tcp -m state --state NEW -m tcp --dport 514 -j ACCEPT

/etc/init.d/iptables save

/etc/init.d/iptables restart



Title
List of Articles
번호 제목 글쓴이 날짜 조회 수
448 How to install Java on linux with no Internet connectivity (using local repository) Hojung 2015.12.22 3790
447 How to install tcpreplay on CentOS 6.5 Hojung 2015.08.21 8628
446 Install et131x network interface driver in CentOS 6 (LW25-BDUO3) file Hojung 2015.07.03 4933
445 How to find CentOS and kernel version Hojung 2015.04.30 4297
444 MD5 Test Hojung 2015.04.01 4463
443 MAC times in Linux (atime, mtime, ctime, crtime, touch, stat, debugfs) Hojung 2015.01.13 5383
442 How to generate a key with passphrase Hojung 2014.11.22 5642
441 Most Common OpenSSL Commands Hojung 2014.11.21 6091
440 How to use screen command Hojung 2014.11.17 4545
439 snorby (on testing) Hojung 2014.11.17 7293
438 APM (Apache + PHP + MySQL) with phpmyadmin in CentOS VM Hojung 2014.11.16 5434
437 10 Ways to Generate a Random Password from the Command Line Hojung 2014.11.16 4747
436 How to increase the size of a Linux LVM by adding a new disk file Hojung 2014.11.14 4942
435 Configuring logrotate for Rails logs file Hojung 2014.11.13 5411
» Installing Splunk on CentOS file Hojung 2014.10.31 7278
433 Web performance test with ab (ruby web, dd, ab) file Hojung 2014.10.01 6258
432 Web performance test with Pylot (ruby web, dd, pylot) file Hojung 2014.10.01 5801
431 Install and Configure NTP to Synchronize The System Clock (ntpd, ntpdate) Hojung 2014.09.17 5317
430 How to disable IPv6 in CentOS 6 Hojung 2014.09.04 5446
429 IDS with snort in CentOS (Snort, Barnyard2) Hojung 2014.08.19 8842
Board Pagination ‹ Prev 1 2 3 4 5 6 7 8 9 10 ... 23 Next ›
/ 23

Designed by sketchbooks.co.kr / sketchbook5 board skin

나눔글꼴 설치 안내


이 PC에는 나눔글꼴이 설치되어 있지 않습니다.

이 사이트를 나눔글꼴로 보기 위해서는
나눔글꼴을 설치해야 합니다.

설치 취소

Sketchbook5, 스케치북5

Sketchbook5, 스케치북5

Sketchbook5, 스케치북5

Sketchbook5, 스케치북5