
Installation of Splunk and the Splunk forwarder

Splunk and Splunk forwarder installation

Create a group and account for the splunk user
---------------------------------------
/usr/sbin/groupadd -g 9991 splunk
/usr/sbin/adduser -c "Splunk" -u 9991 -g 9991 -s /bin/bash -d /opt/splunk -m splunk
# copy the contents of /etc/skel, not the directory itself, into the home directory
cp -r /etc/skel/. /opt/splunk/
chown -R splunk:splunk /opt/splunk/

Set the limits for the splunk user
---------------------------------------

vi /etc/security/limits.d/99-mrll-splunk.conf

splunk  hard    nofile  20240
splunk  soft    nofile  10240
splunk  hard    nproc   10240
splunk  soft    nproc   2048


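Set the environment path for the splunk home directory
---------------------------------------

# the quoted 'EOF' keeps ${PATH} literal, so it is expanded when the splunk user logs in
cat >> /opt/splunk/.bashrc <<'EOF'
# The btool command does not have the right LD_LIBRARY_PATH...
# (no leading colon: an empty entry makes the loader search the current directory)
LD_LIBRARY_PATH=/opt/splunk/lib
export LD_LIBRARY_PATH

# also set the splunk home for the application
SPLUNK_HOME=/opt/splunk
export SPLUNK_HOME

# and set the path for the user
PATH=${PATH}:/opt/splunk/bin
export PATH
EOF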

Install Splunk
---------------------------------------

rpm -ivh splunk-6.5.2-67571ef4b87d-linux-2.6-x86_64.rpm
su - splunk -c '/opt/splunk/bin/splunk start --accept-license --answer-yes'
sudo /opt/splunk/bin/splunk enable boot-start -user splunk --accept-license --answer-yes


Install the Splunk forwarder
---------------------------------------

rpm -ivh splunkforwarder-6.5.2-67571ef4b87d-linux-2.6-x86_64.rpm
su - splunk -c '/opt/splunkforwarder/bin/splunk start --accept-license --answer-yes'
/opt/splunkforwarder/bin/splunk enable boot-start -user splunk --accept-license --answer-yes
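
Checks for three security-relevant outcomes of the procedure above (library search path, limits file, service account), as an added example that is not part of the original post. The function names are hypothetical and the demo input is constructed.

```shell
#!/usr/bin/env bash
# Added example: post-install checks for the steps above.
# Function names are hypothetical; sample inputs in the demo are constructed.

# Succeeds if a colon-separated search path has an empty entry (leading,
# trailing or doubled colon); ld.so reads such an entry as the current directory.
path_has_empty_entry() {
    [ -n "$1" ] || return 1
    case ":$1:" in
        *::*) return 0 ;;
        *)    return 1 ;;
    esac
}

# Reads limits.conf-style lines on stdin; prints each item for domain $1 whose
# soft limit exceeds its hard limit. Exit status 0 means none were found.
limits_soft_over_hard() {
    awk -v dom="$1" '
        $1 == dom && $2 == "hard" { hard[$3] = $4 }
        $1 == dom && $2 == "soft" { soft[$3] = $4 }
        END {
            for (i in soft)
                if ((i in hard) && soft[i] + 0 > hard[i] + 0) { print i; bad = 1 }
            exit bad + 0
        }'
}

# Reads "user command" lines (as printed by: ps -eo user=,comm=) on stdin and
# prints the owner of every splunkd process not running as account $1.
splunkd_wrong_owner() {
    awk -v want="$1" '
        $2 == "splunkd" && $1 != want { print $1; bad = 1 }
        END { exit bad + 0 }'
}

# On the installed host:
#   path_has_empty_entry "$(su - splunk -c 'echo "$LD_LIBRARY_PATH"')" && echo "empty entry"
#   limits_soft_over_hard splunk < /etc/security/limits.d/99-mrll-splunk.conf
#   ps -eo user=,comm= | splunkd_wrong_owner splunk

# Demo on constructed input: a splunkd started by root is reported.
if ! printf 'root splunkd\nsplunk splunkd\n' | splunkd_wrong_owner splunk >/dev/null; then
    echo "splunkd is running under an unexpected account"
fi
```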
