Wednesday, July 2, 2014

splunk is happiness

 let's install splunk on ubuntu 12 lts. yes?  
# wget -O splunk-6.0-182037-linux-2.6-amd64.deb 'http://www.splunk.com/page/download_track?file=6.0/splunk/linux/splunk-6.0-182037-linux-2.6-amd64.deb&ac=&wget=true&name=wget&platform=Linux&architecture=x86_64&version=6.0&product=splunkd&typed=release&elq=bca94a89-16b1-4f53-8e04-2424a8c7c4d1'  
 
# dpkg -i splunk-6.0-182037-linux-2.6-amd64.deb  
# cd /opt/splunk/bin  
# ./splunk start  
# ./splunk enable boot-start  
 
Note that splunk was started as root here, so splunkd runs as root (and that is what lets it bind port 514 below). To run it as a dedicated user instead, create the user, chown -R it over /opt/splunk, enable boot-start with ./splunk enable boot-start -user splunk, and pick a listener port above 1024.  

Connect to http://localhost:8000 and log in. Splunk 6.0 ships with admin / changeme; change it before pointing anything at this box.  

Create Syslog Receiver  
      Settings > Data > Data inputs  
      Under "TCP" click "Add New"  
 
      TCP Port = 514  
      Accept Connections from all hosts? = yes  
      Set sourcetype = From List  
      Select source type from list = syslog  
      Save  
 
      Do the same for UDP  
 
      Two things to keep in mind. Port 514 is privileged, so this only works because splunkd is running as root; a non-root splunkd needs a port above 1024 (1514 is the usual choice) and the sending hosts pointed at that port instead. And "accept connections from all hosts" on a plain, unauthenticated syslog listener means anyone who can reach the port can write whatever they like into your index, so restrict it to the hosts that are supposed to log here (the acceptFrom setting in inputs.conf, or a host firewall). Check what actually got bound with: netstat -lntup | grep 514  
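The same receiver as a script, as an added example that is not part of the original post: it renders the inputs.conf stanzas the GUI clicks above produce, and goes a bit beyond them with an acceptFrom restriction, a refusal to configure a privileged port for a non-root splunkd, and a smoke test that sends one syslog line at the listener. Everything here is assumed rather than taken from the post: SPLUNK_HOME is /opt/splunk as installed by the .deb, the stanzas go in etc/system/local/inputs.conf, and nc (netcat) is installed for the smoke test.

```shell
#!/bin/sh
# Added example, not from the original post. Assumptions (mine): SPLUNK_HOME is
# /opt/splunk, the stanzas live in etc/system/local/inputs.conf, nc is present.

# Print inputs.conf stanzas for TCP and UDP syslog listeners on PORT.
# ACL is Splunk's acceptFrom value: "*" reproduces the GUI's
# "Accept connections from all hosts? = yes"; something like
# "10.0.0.0/8, !10.0.0.99" limits who may write into the index.
render_syslog_inputs() {
    port="$1"
    acl="${2:-*}"
    for proto in tcp udp; do
        printf '[%s://%s]\n' "$proto" "$port"
        printf 'sourcetype = syslog\n'
        printf 'connection_host = ip\n'
        printf 'acceptFrom = %s\n' "$acl"
        printf 'disabled = 0\n\n'
    done
}

# Exit 0 if PORT is privileged (below 1024), i.e. only a root splunkd can bind it.
is_privileged_port() {
    [ "$1" -lt 1024 ]
}

# Port for this splunkd: 514 when it runs as root, otherwise a high port that
# the syslog senders have to be pointed at. Prints the port.
pick_syslog_port() {
    if [ "$(id -u)" -eq 0 ]; then echo 514; else echo 1514; fi
}

# Append the stanzas to SPLUNK_HOME/etc/system/local/inputs.conf, refusing a
# privileged port for a non-root splunkd (it would just fail to bind at start,
# and the senders would never notice). Prints the path written.
install_syslog_inputs() {
    splunk_home="$1"; port="$2"; acl="${3:-*}"
    if is_privileged_port "$port" && [ "$(id -u)" -ne 0 ]; then
        echo "port $port needs root; use a port above 1024 or run splunkd as root" >&2
        return 1
    fi
    conf="$splunk_home/etc/system/local/inputs.conf"
    mkdir -p "$(dirname "$conf")"
    render_syslog_inputs "$port" "$acl" >> "$conf"
    echo "$conf"
}

# Smoke test: send one RFC 3164-style line (PRI 13 = user.notice) over TCP and
# UDP, then search Splunk for: sourcetype=syslog "splunk-smoke-test"
send_test_syslog() {
    host="$1"; port="$2"
    msg="<13>$(date '+%b %e %H:%M:%S') $(hostname) splunk-smoke-test: hello from $(hostname)"
    printf '%s\n' "$msg" | nc -w 1 "$host" "$port"       # TCP
    printf '%s\n' "$msg" | nc -u -w 1 "$host" "$port"    # UDP
}

# Usage after the install steps above (splunkd only reads the file on restart):
#   install_syslog_inputs /opt/splunk "$(pick_syslog_port)" "10.0.0.0/8"
#   /opt/splunk/bin/splunk restart
#   send_test_syslog 127.0.0.1 "$(pick_syslog_port)"
```

The acceptFrom value is the part worth keeping even if you stay with the GUI: it is the only thing between "anyone on the network" and "the hosts that are supposed to log here" once the listener is up.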
 
Voila happiness.  
