Splunkのインストールと構成

3006 ワード

インストール環境:CentOS 6.2 64 Bit
インストール:まずselinuxを閉じます.

#vi /etc/sysconfig/selinux 
SELINUX=disabled 
setenforce 0

     :
splunk-6.0.1-189883-Linux-x86_64.tgz 
#tar -zxvf splunk-6.0.1-189883-Linux-x86_64.tgz 
#cd .. 
#mv splunk /usr/local 
#cd /usr/local/splunk/bin 
#./splunk enable boot-start

次に、プロトコルを参照した後、「y」の最初のインストールプロンプトを入力する必要があります.

This appears to be your first time running this version of Splunk.
Copying '/usr/local/splunk/etc/openldap/ldap.conf.default' to '/usr/local/splunk/etc/openldap/ldap.conf'

Moving '/usr/local/splunk/share/splunk/search_mrsparkle/modules.new' to '/usr/local/splunk/share/splunk/search_mrsparkle/modules'.
Init script installed at /etc/init.d/splunk.
Init script is not configured to run at boot.

/usr/local/splunk/etc/openldap/ldap.conf.defaultは/usr/local/splunk/etc/openldap/ldapにコピーする.次にconfを実行します.

#/etc/init.d/splunk start
Starting Splunk...

Splunk> Take the sh out of IT.

Checking prerequisites...
        Checking http port [8000]: open
        Checking mgmt port [8089]: open
        Checking configuration...  Done.
                Creating: /usr/local/splunk/var/lib/splunk
                Creating: /usr/local/splunk/var/run/splunk
                Creating: /usr/local/splunk/var/run/splunk/appserver/i18n
                Creating: /usr/local/splunk/var/run/splunk/appserver/modules/static/css
                Creating: /usr/local/splunk/var/run/splunk/upload
                Creating: /usr/local/splunk/var/spool/splunk
                Creating: /usr/local/splunk/var/spool/dirmoncache
                Creating: /usr/local/splunk/var/lib/splunk/authDb
                Creating: /usr/local/splunk/var/lib/splunk/hashDb
        Checking critical directories...        Done
        Checking indexes...
                Validated: _audit _blocksignature _internal _thefishbucket history main summary
        Done
New certs have been generated in '/usr/local/splunk/etc/auth'.
        Checking filesystem compatibility...  Done
        Checking conf files for typos...        Done
All preliminary checks passed.

Starting splunk server daemon (splunkd)...
Done
                                                           [  ]
Starting splunkweb...  Generating certs for splunkweb server
Generating a 1024 bit RSA private key
.............++++++
.....................................................++++++
writing new private key to 'privKeySecure.pem'
-----
Signature ok
subject=/CN=localhost.localdomain/O=SplunkUser
Getting CA Private Key
writing RSA key
                                                           [  ]
Done

If you get stuck, we're here to help.
Look for answers here: http://docs.splunk.com

The Splunk web interface is at http://127.0.0.1:8000

最後にブラウザに次のように入力します.

http://localhost:8000/

      ，           ，       8000        ；
#service iptables stop

BOJ 10828:スタック実装

テンプレート文字