So tonight I’m going to get Splunk installed in a virtual machine on my laptop. I’m doing this to get better at Splunk and to document the progress. Hopefully I can get ready for the first Splunk test.
So after I got the ovf I made the last time I setup an Ubuntu VM I was greeted with all the joys of running apt updates. This is way faster than trying to install Ubuntu Server from scratch though so we are still ahead of the game.
I prefer to use the .tgz of the Splunk distro since all you have to do with it is copy it over and untar it. Then run the install. Done. Super easy for me. What do method do you use to install Splunk?
I know the .tgz is the least automated way of deploying Splunk but this is only for the VM on my laptop for testing and dev not an attempt to deploy at scale or automate the deployment for a smaller shop. Probably will do that later on.
I put Splunk in the /opt folder and untar’d it. Then to save time in the future exported the updated Splunk VM as an ovf.
So now the install of Splunk $SPLUNK_HOME/bin/splunk start –accept-license command. Which is nice so you dont have to wade through a bazillion lines of license legalese.
So the Help Us Improve Splunk Software splash is new since 6.4.x
Well that’s it. All installed. Next up the Apps and Add-ons to install and create some VMs for the Universal Forwarders to collect data from.