Splunk 설치

Jmnote (토론 | 기여)님의 2013년 6월 24일 (월) 11:38 판 (→‎설치)
Splunk 설치
스플렁크 설치

1 권장사양

Splunk 서버의 권장사양은 다음과 같다.

  • 리눅스: 1.4 GHz x 1CPU, 1GB 이상
  • 윈도우: 2.0 GHz x 1CPU, 2GB 이상[1]

여기서는 리눅스(CentOS)에 설치할 예정이다.

2 다운로드

  • 브라우저에서 https://www.splunk.com 접속
  • 우상단 [Login] 클릭
  • Username, Password 입력 --- [Login][2]
  • 우상단 [FREE DOWNLOAD] 클릭
  • splunk 아래 [Free Download] 클릭
  • splunk-5.0.3-163460-linux-2.6-x86_64.rpm 클릭하여 다운로드 시작(38.4 MB)[3]

3 설치

  • splunk-5.0.3-163460-linux-2.6-x86_64.rpm를 서버로 업로드
[root@jmnote ~]# rpm -ivh splunk-5.0.3-163460-linux-2.6-x86_64.rpm
warning: splunk-5.0.3-163460-linux-2.6-x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 653fb112
Preparing...                ########################################### [100%]
   1:splunk                 ########################################### [100%]
Splunk has been installed in:

To start Splunk, run the command:
        /opt/splunk/bin/splunk start

To use the Splunk Web interface, point your browser to:

Complete documentation is at http://docs.splunk.com/Documentation/Splunk
[root@splunk ~]# /opt/splunk/bin/splunk start --accept-license

This appears to be your first time running this version of Splunk.
Copying '/opt/splunk/etc/openldap/ldap.conf.default' to '/opt/splunk/etc/openldap/ldap.conf'.
Generating RSA private key, 1024 bit long modulus
e is 65537 (0x10001)
writing RSA key

Generating RSA private key, 1024 bit long modulus
e is 65537 (0x10001)
writing RSA key

Moving '/opt/splunk/share/splunk/search_mrsparkle/modules.new' to '/opt/splunk/share/splunk/search_mrsparkle/modules'.

Splunk> See your world.  Maybe wish you hadn't.

Checking prerequisites...
	Checking http port [8000]: open
	Checking mgmt port [8089]: open
	Checking configuration...  Done.
	Checking indexes...
		Creating: /opt/splunk/var/lib/splunk
		Creating: /opt/splunk/var/run/splunk
		Creating: /opt/splunk/var/run/splunk/appserver/i18n
		Creating: /opt/splunk/var/run/splunk/appserver/modules/static/css
		Creating: /opt/splunk/var/run/splunk/upload
		Creating: /opt/splunk/var/spool/splunk
		Creating: /opt/splunk/var/spool/dirmoncache
		Creating: /opt/splunk/var/lib/splunk/authDb
		Creating: /opt/splunk/var/lib/splunk/hashDb
		Validated databases: _audit _blocksignature _internal _thefishbucket history main summary
New certs have been generated in '/opt/splunk/etc/auth'.
	Checking filesystem compatibility...  Done
	Checking conf files for typos...  	Done
All preliminary checks passed.

Starting splunk server daemon (splunkd)...  Done
                                                           [  OK  ]
Starting splunkweb...  Generating certs for splunkweb server
Generating a 1024 bit RSA private key
writing new private key to 'privKeySecure.pem'
Signature ok
Getting CA Private Key
writing RSA key
                                                           [  OK  ]

If you get stuck, we're here to help.  
Look for answers here: http://docs.splunk.com

The Splunk web interface is at http://splunk:8000

4 같이 보기

5 주석

  1. http://docs.splunk.com/Documentation/Splunk/5.0.3/Installation/SystemRequirements#Recommended_hardware
  2. 계정이 없다면 가입해야 한다. [Sign Up Now]
  3. OS에 맞는 설치본 선택. 필자는 리눅스 64비트용을 선택함

6 참고 자료

문서 댓글 ({{ doc_comments.length }})
{{ comment.name }} {{ comment.created | snstime }}