Knowledge Base & Community Wiki
Installing Splunk On Ubuntu For Data Collection & Aggregation
What Is Splunk (http://www.splunk.com) – Splunk is heavyweight commercial software that lets you index, visualise and explore virtually any machine-generated data. Splunk is often used to consume Apache, Varnish and Nginx web server logs as well as website clicks and any other data which maintains a constant format. Installing Splunk on any Debian-based Linux distribution, such as Ubuntu, couldn’t be easier with the .deb package that is available for download.
Visit the Splunk download page to download the Splunk .deb package: Download Splunk
Splunk Installation – Once you’ve downloaded the .deb file, upload it to your Ubuntu server and place it in a temporary directory. Run the dpkg command to install the Splunk server. The file name of the .deb file may change as new versions are made available so make sure that you have downloaded.
bash# dpkg -i splunk-6.0.3-204106-linux-2.6-amd64.deb
The output of the command will look like the below example.
Selecting previously unselected package splunk.
(Reading database … 20803 files and directories currently installed.)
Unpacking splunk (from splunk-6.0.3-204106-linux-2.6-amd64.deb) …
Setting up splunk (6.0.3-204106) …
Next we need to create the init.d script so that we can easily start and stop Splunk. Change to the Splunk directory and run the splunk executable with the below arguments.
bash# cd /opt/splunk/bin/
bash# ./splunk enable boot-start
Press SPACE to view all of the license agreement and then Y to accept it.
Start Splunk with the service command.
bash# service splunk start
Accessing The Splunk Interface – You will now be able to access Splunk’s web GUI, which is running on port 8000. Point your browser at – http://10.10.10.10:8000/. Open the URL in the browser and log in with the below details:
User Name: admin
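The steps above as a single script, given here as an added example that is not part of the original article. It checks that dpkg set up the same version the file name advertises and reports which address the web GUI on port 8000 is bound to. The function names are hypothetical helpers, and it assumes the ss utility is installed and that the script is run as root.

```sh
#!/bin/sh
# Added example (not from the original article): the install steps as one
# script, plus two checks. Function names are hypothetical helpers.

# Print "<version>-<build>" taken from a Splunk .deb file name, e.g.
# splunk-6.0.3-204106-linux-2.6-amd64.deb -> 6.0.3-204106
deb_version() {
    v=$(basename "$1" |
        sed -n 's/^splunk-\([0-9][0-9.]*-[0-9a-f]\{1,\}\)-linux-.*\.deb$/\1/p')
    [ -n "$v" ] && printf '%s\n' "$v"
}

# Succeed if dpkg output (stdin) reports setting up splunk at version $1.
setup_confirmed() {
    grep -qF "Setting up splunk ($1)"
}

# Print local addresses listening on TCP port $1; reads `ss -ltn` on stdin.
listen_addrs() {
    awk -v p="$1" '$1 == "LISTEN" { n = split($4, a, ":"); if (a[n] == p) print $4 }'
}

# Full procedure; $1 = path to the downloaded .deb. Must run as root.
install_splunk() {
    ver=$(deb_version "$1") || { echo "unexpected file name: $1" >&2; return 1; }
    out=$(dpkg -i "$1") || return 1
    printf '%s\n' "$out"
    printf '%s\n' "$out" | setup_confirmed "$ver" ||
        { echo "dpkg did not report splunk $ver" >&2; return 1; }
    # Interactive, as in the article: SPACE through the license, then Y.
    /opt/splunk/bin/splunk enable boot-start || return 1
    service splunk start || return 1
    addrs=$(ss -ltn | listen_addrs 8000)
    [ -n "$addrs" ] || { echo "nothing is listening on port 8000" >&2; return 1; }
    # 0.0.0.0 or [::] here means the GUI is reachable on every interface.
    printf 'Splunk web GUI listening on: %s\n' "$addrs"
}

# Runs only when given the package path as the single argument.
if [ "$#" -eq 1 ]; then
    install_splunk "$1"
fi
```

Run it with the path to the downloaded package as its only argument; with no argument it defines the functions and does nothing.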
What Next – Great, you now have your Splunk installation up and running. What’s required next is to get data from your various applications, logs and monitoring tools into Splunk so that it can be mined for relevant statistics. These rolled-up statistics are what we would then import into VisualizeIT for purposes of visualization, modelling and forecasting. As a next step we recommend reading the Splunk Forwarder article, which talks about downloading, installing and configuring the Splunk Forwarder, which is required to aggregate and send data to Splunk.
Extras: Splunk Installation Videos – In addition to the installation guide provided above, we thought it would be useful to include relevant tutorials from the vendor themselves. These videos have been created by Splunk and suggest an alternate way to install and configure Splunk for your environment.
- Splunk Installation on Linux
- Splunk Installation on Windows
Important Links – Here are some important links which you might find useful –
Modelling Solution: VisualizeIT offers access to a bunch of Analytical Models, Statistical Models and Simulation Models. Access to all the Analytical (Mathematical) models is free. We recommend you try out the Analytical models at VisualizeIT, which are free to use, and drop us a note with your suggestions, input and comments. You can access the VisualizeIT website here and the VisualizeIT modelling solution here – VisualizeIT.