Network Security and <br> System Administration: Splunk Base 2.2.3

måndag, maj 21, 2007

Splunk Base 2.2.3 - FreeBSD installation

Splunk Install on FreeBSD 6.2

You have to install ports before proceeding

cd /usr/ports/misc/compat5x
#make install clean

#mkdir /usr/local/src
cd /usr/local/src

#pkg_add -r wget

#wget 'http://www.splunk.com/index.php/download_track?file=/2.2.3/freebsd/splunk-2.2.3-18173-freebsd-5.4-intel.tgz&ac=&wget=true&name=wget'

Override default installation directory (/opt/splunk) I think nonstandard stuff "should" go to /usr/local/.. ..

#pkg_add -v -p /usr/local/src/ splunk-2.1-freebsd-5.4-intel.tgz

Start Splunk
/usr/local/src/splunk/bin/splunk
..
License shows
..
Accept? y

Splunk now listens on

TCP
8000
8001
8089

If you want Splunk to listen for syslog,
be certain to keep it form starting on reboot.

# vi /etc/rc.conf

Add

syslogd_enable="NO"

Then setup Splunk to run on startup

#crontab -e

@reboot /usr/local/src/splunk/bin/./splunk start

Done!

Still, you need to enable local firewall for protection

1 Comments:

nasreen basu said...: brillant piece of information, I had come to know about your web-page from my friend hardkik, chennai,i have read atleast 9 posts of yours by now, and let me tell you, your webpage gives the best and the most interesting information. This is just the kind of information that i had been looking for, i'm already your rss reader now and i would regularly watch out for the new posts, once again hats off to you! Thanx a million once again, Regards,splunk training in hyderabad; 2015-12-29 07:08