"Splunk 클라이언트 설치"의 두 판 사이의 차이

85번째 줄: 85번째 줄:
==같이 보기==
==같이 보기==
*[[스플렁크 설치]]
*[[스플렁크 설치]]
*[[스플렁크]]


==주석==
==주석==

2013년 6월 24일 (월) 14:52 판

splunk universal forwarder 설치
스플렁크 클라이언트 설치, 스플렁크 포워더 설치, 스플렁크 agent 설치

1 다운로드

  • 브라우저에서 http://www.splunk.com/ 접속
  • 우상단 [Login] 클릭
  • Username, Password 입력 --- [Login][1]
  • 우상단 [FREE DOWNLOAD] 클릭
  • 메뉴바 중간 [Universal Forwarder] 클릭
  • 2.6+ kernel Linux distributions (64-bit) 오른쪽 splunkforwarder-5.0.3-163460-linux-2.6-x86_64.rpm 클릭하여 다운로드 시작(19.8 MB)[2]

2 설치

  • splunkforwarder-5.0.3-163460-linux-2.6-x86_64.rpm 파일을 서버[3]에 업로드
[root@jmnote01 ~]# rpm -ivh splunkforwarder-5.0.3-163460-linux-2.6-x86_64.rpm
warning: splunkforwarder-5.0.3-163460-linux-2.6-x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 653fb112
Preparing...                ########################################### [100%]
   1:splunkforwarder        ########################################### [100%]
-------------------------------------------------------------------------
Splunk has been installed in:
        /opt/splunkforwarder

To start Splunk, run the command:
        /opt/splunkforwarder/bin/splunk start



Complete documentation is at http://docs.splunk.com/Documentation/Splunk
-------------------------------------------------------------------------

3 최소 실행

[root@jmnote01 ~]# /opt/splunkforwarder/bin/splunk start --accept-license

This appears to be your first time running this version of Splunk.

Splunk> See your world.  Maybe wish you hadn't.

Checking prerequisites...
	Checking mgmt port [8089]: open
		Creating: /opt/splunkforwarder/var/lib/splunk
		Creating: /opt/splunkforwarder/var/run/splunk
		Creating: /opt/splunkforwarder/var/run/splunk/appserver/i18n
		Creating: /opt/splunkforwarder/var/run/splunk/appserver/modules/static/css
		Creating: /opt/splunkforwarder/var/run/splunk/upload
		Creating: /opt/splunkforwarder/var/spool/splunk
		Creating: /opt/splunkforwarder/var/spool/dirmoncache
		Creating: /opt/splunkforwarder/var/lib/splunk/authDb
		Creating: /opt/splunkforwarder/var/lib/splunk/hashDb
New certs have been generated in '/opt/splunkforwarder/etc/auth'.
	Checking conf files for typos...  	Done
All preliminary checks passed.

Starting splunk server daemon (splunkd)...  Done
                                                           [  OK  ]
[root@jmnote01 ~]# netstat -anp | grep :8089
tcp        0      0 0.0.0.0:8089                0.0.0.0:*                   LISTEN      1529/splunkd
[root@jmnote01 ~]# ps -ef | grep splunk | grep -v grep
root      1529     1  0 14:44 ?        00:00:00 splunkd -p 8089 start
root      1530  1529  0 14:44 ?        00:00:00 [splunkd pid=1529] splunkd -p 8089 start [process-runner]

4 자동 시작 설정

[root@jmnote01 ~]# /opt/splunkforwarder/bin/splunk enable boot-start
Init script installed at /etc/init.d/splunk.
Init script is configured to run at boot.
[root@jmnote01 ~]# service splunk status
Splunk status:
splunkd is running (PID: 2207).
splunk helpers are running (PIDs: 2208).
[root@jmnote01 ~]# chkconfig --list | grep splunk
splunk         	0:off	1:off	2:on	3:on	4:on	5:on	6:off

5 같이 보기

6 주석

  1. 계정이 없다면 가입해야 한다. [Sign Up Now]
  2. OS에 맞는 설치본 선택. 필자는 리눅스 64비트용을 선택함
  3. 스플렁크 클라이언트들 중 하나
문서 댓글 ({{ doc_comments.length }})
{{ comment.name }} {{ comment.created | snstime }}