Note: This post is Part 2 of the series on using Splunk in a Virtual Lab – The full series is Introduction, Part 1, Part 2, Part 3, and Part 4.
Install Splunk
Install Splunk video: https://www.splunk.com/view/SP-CAAAGW9- "Free Splunk" - x86_64
- Create a Splunk Account
- yum install wget (on VM)
- "Get wget" from Splunk website (right side)
- Extract to the "opt" folder: sudo tar -xvzf splunk[...].tgz -C /opt
- Change to the Splunk bin directory: cd /opt/splunk/bin
- See Splunk License Agreement. To accept it: ./splunk start --accept-license
- Start Splunk at boot: sudo ./splunk enable boot-start -user [Installer Username(splunk)]
- Set up another Port Forwarding rule:
  - Name: "Splunk URL from host"
  - Host IP: "127.0.0.1"
  - Host Port: "8000"
  - Guest IP: "10.0.2.15" (VM IP address)
  - Guest Port: "8000"
- Go to the Splunk Web Interface: http://127.0.0.1:8000 (Default Username: admin, Password: changeme)
- Change Username and Password information
- You have successfully installed Splunk Enterprise
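Setting the rule's Host IP to 127.0.0.1, as in the port forwarding step above, keeps the Splunk web interface (and its default admin/changeme login) reachable only from the host machine. The check below is an added example, not part of the original post: it assumes the lab VM runs under VirtualBox, and the function names and the sample VBoxManage output are constructed for illustration.

```shell
#!/bin/sh
# Audit VirtualBox NAT port-forwarding rules for listeners that are not
# bound to loopback on the host. Assumption: the lab VM is a VirtualBox VM.
# Real use:
#   VBoxManage showvminfo "<vm name>" --machinereadable | audit_forwarding
# Rule lines in that output have the form:
#   Forwarding(N)="name,proto,hostip,hostport,guestip,guestport"

# Prints one line per rule, prefixed OK (loopback only) or EXPOSED
# (blank or non-loopback host IP, so other machines can reach the port).
audit_forwarding() {
    awk -F'"' '/^Forwarding\([0-9]+\)=/ {
        n = split($2, f, ",")
        if (n != 6) { print "UNPARSED " $2; next }
        hostip = (f[3] == "") ? "*" : f[3]     # blank means all interfaces
        status = (f[3] ~ /^127\./ || f[3] == "::1") ? "OK" : "EXPOSED"
        printf "%-8s %s: host %s:%s -> guest %s:%s (%s)\n",
               status, f[1], hostip, f[4], f[5], f[6], f[2]
    }'
}

# Constructed sample input (not captured from a real VM). The second rule
# is the one from this post; the third shows the weak variant with the
# Host IP field left blank.
sample_vminfo() {
    cat <<'EOF'
name="splunk-lab"
natnet1="nat"
Forwarding(0)="SSH from host,tcp,127.0.0.1,2222,10.0.2.15,22"
Forwarding(1)="Splunk URL from host,tcp,127.0.0.1,8000,10.0.2.15,8000"
Forwarding(2)="Splunk URL blank host IP,tcp,,8001,10.0.2.15,8000"
EOF
}

sample_vminfo | audit_forwarding
```

Any rule reported as EXPOSED should have its Host IP set to 127.0.0.1 unless access from other machines is intended.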
Splunk Note:
Popular Splunk commands:
./splunk start
./splunk stop
./splunk restart
./splunk help
Note: Continue reading... Part Three: Installing Splunk Forwarder on Ubuntu.