Splunk: Difference between revisions
Latest revision as of 08:38, 31 August 2009
What is Splunk?
"Splunk is a search engine for IT data. It's software that lets you search and analyze all the data your IT infrastructure generates from a single location in real time. We call this IT Search. No need for databases, connectors, custom parsers or proprietary consoles. Just your imagination and a web browser! Now you can troubleshoot IT problems and investigate security incidents in minutes, not hours or days. Monitor all your applications, servers and network devices from one place. Report on all your compliance controls in a fraction of the time." --Splunk.com
Installation
- Download the appropriate installation file from Splunk's website (http://www.splunk.com)
  - Login as: transycs
- rpm -ivh ./splunk-4.0.3-65638-linux-2.6-x86_64.rpm
<pre>
[root@babbage splunk]# rpm -ivh splunk-4.0.3-65638-linux-2.6-x86_64.rpm
warning: splunk-4.0.3-65638-linux-2.6-x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 653fb112
Preparing... ########################################### [100%]
1:splunk ########################################### [100%]
----------------------------------------------------------------------
Splunk has been installed in:
/opt/splunk
To start Splunk, run the command:
/opt/splunk/bin/splunk start
To use the Splunk Web interface, point your browser at:
http://babbage.cs.transy.edu:8000
Complete documentation is at http://www.splunk.com/r/docs
----------------------------------------------------------------------
</pre>
- Be sure to use 'system-config-securitylevel-tui' to open port 8000/tcp
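
The install output above carries a `Header V3 DSA signature: NOKEY` warning: rpm found a signature but had no public key to check it against, so the package was installed unverified. The following is an added example, not part of the original page, that classifies rpm's signature-check output and installs only when the signature verified; the function names are hypothetical, and the key file passed to `rpm --import` is a placeholder for the vendor's published key.

```shell
#!/bin/sh
# Added example (not from the original page): refuse to install an RPM
# unless rpm could verify its signature. Function names are hypothetical.

# Classify the text printed by `rpm -K <pkg>` (or the warning from `rpm -ivh`).
sig_status() {
    out=$(cat)
    case $out in
        # Signed, but the signer's public key is not in the rpm keyring.
        *NOKEY*|*"MISSING KEYS"*)          echo unverified ;;
        # Digest or signature check failed.
        *"NOT OK"*|*BAD*)                  echo bad ;;
        # A signature was present and checked against an imported key.
        *signatures*OK*|*gpg*OK*|*pgp*OK*) echo verified ;;
        # Only digests were checked: the package carries no signature.
        *OK*)                              echo digest-only ;;
        *)                                 echo unknown ;;
    esac
}

# Pull the signing key ID out of an rpm NOKEY warning so it can be compared
# with the key ID the vendor publishes.
key_id() {
    sed -n 's/.*key ID \([0-9A-Fa-f]\{8,\}\).*/\1/p'
}

# Install only when the signature verified.
# Import the vendor key first: rpm --import <vendor-public-key-file>
install_if_verified() {
    pkg=$1
    st=$(rpm -K "$pkg" 2>&1 | sig_status)
    if [ "$st" = verified ]; then
        rpm -ivh "$pkg"
    else
        echo "refusing to install $pkg: signature status is $st" >&2
        return 1
    fi
}
```

Piping the warning line from the transcript into `key_id` yields the key ID to compare against the vendor's published key before importing it.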