How to Install Splunk on CentOS 7
Splunk is one of the most powerful tool for exploring and searching data. It is one of the easiest, faster and secured way to search, analysis, collect and visualize massive data streams in realtime from applications, webservers, databases, server platforms, Cloud networks and many more. The Splunk developers are offering Splunk software packages compatible on different platforms, we can choose the best one which suits our purpose. This software makes it simple to collect, analyze and work upon the unbroached value of massive data generated by any IT enterprise, security systems or any business applications, giving you a total insights to obtain the best operational performance and business results.
There are no official pre-requisites for the installations, but I recommend a proper hostname, firewall and network configuration for the server prior to the installations. This software supports only 64 bit server architecture. In this article, I'm guiding you on how to install Splunk Enterprise version on a CentOS 7 server. Let's walk through the installation steps one by one.
1. Create a Splunk User
It is always recommended to run this application as its dedicated user rather than as root. I created a user to run this application and created a application folder for the installation.
[root@server1 tmp]# groupadd splunk
[root@server1 tmp]# useradd -d /opt/splunk -m -g splunk splunk
[root@server1 tmp]# su - splunk
[splunk@server1 ~]$ id
uid=1001(splunk) gid=1001(splunk) groups=1001(splunk)
Confirm the server architecture
[splunk@server1 ~]$ getconf LONG_BIT
2. Download and extract the Splunk Enterprise version
Create a Splunk account and download the Splunk software from their official website .
Now extract the tar file and copy the files to the Splunk application folder namely /opt/splunk created.
root@server1 tmp]# tar -xvf splunk-6.4.0-f2c-Linux-x86_64.tgz
[root@server1 tmp]# cp -rp splunk/* /opt/splunk/
[root@server1 tmp]# chown -R splunk: /opt/splunk/
3. Splunk Installation
Once the Splunk software is downloaded, you can login to your Splunk user and run the installation script. I choose the trial license, so it will take it by default.
root@server1 tmp]# su - splunk
Last login: Fri Apr 29 08:14:12 UTC 2016 on pts/0
[splunk@server1 ~]$ cd bin/
[splunk@server1 bin]$ ./splunk start --accept-license
This appears to be your first time running this version of Splunk.
Copying '/opt/splunk/etc/openldap/ldap.conf.default' to '/opt/splunk/etc/openldap/ldap.conf'.
Generating RSA private key, 1024 bit long modulus
..................++++++
writing RSA key
Generating RSA private key, 1024 bit long modulus
................++++++
writing RSA key
Moving '/opt/splunk/share/splunk/search_mrsparkle/modules.new' to '/opt/splunk/share/splunk/search_mrsparkle/modules'.
Splunk& Australian for grep.
Checking prerequisites...
Checking http port [8000]: open
Checking mgmt port [8089]: open
Checking appserver port [127.0.0.1:8065]: open
Checking kvstore port [8191]: open
Checking configuration... Done.
Creating: /opt/splunk/var/lib/splunk
Creating: /opt/splunk/var/run/splunk
Creating: /opt/splunk/var/run/splunk/appserver/i18n
Creating: /opt/splunk/var/run/splunk/appserver/modules/static/css
Creating: /opt/splunk/var/run/splunk/upload
Creating: /opt/splunk/var/spool/splunk
Creating: /opt/splunk/var/spool/dirmoncache
Creating: /opt/splunk/var/lib/splunk/authDb
Creating: /opt/splunk/var/lib/splunk/hashDb
Checking critical directories... Done
Checking indexes...
Validated: _audit _internal _introspection _thefishbucket history main summary
New certs have been generated in '/opt/splunk/etc/auth'.
Checking filesystem compatibility... Done
Checking conf files for problems...
Checking default conf files for edits...
Validating installed files against hashes from '/opt/splunk/splunk-6.4.0-f2c-linux-2.6-x86_64-manifest'
All installed files intact.
All preliminary checks passed.
Starting splunk server daemon (splunkd)...
Generating a 1024 bit RSA private key
.....................++++++
...........................++++++
writing new private key to 'privKeySecure.pem'
Signature ok
subject=/CN=server1./O=SplunkUser
Getting CA Private Key
writing RSA key
Waiting for web server at http://127.0.0.1:8000 to be available.... Done
If you get stuck, we're here to help.
Look for answers here:
The Splunk web interface is at http://server1.:8000
Now you can access your Splunk Web interface at http://IP:8000/ or http://hostname:8000. You need to make sure this port 8000 is open in your server firewall.
4. Configuring Splunk Web Interface
I've completed with my installation and I've my Splunk Service up & running in my server. Now I need to set-up my Splunk Web interface. I accessed my Splunk web interface and set my administrator password.
First time when you're accessing the Splunk interface, you can use the user/password provided in the page which is admin/changeme in this case. Once logged in, on the very next page it will ask to change and confirm your new password.
Now, you've set your admin password. Once you log in with the new password, you will have your Splunk Dashboard ready to use.
There are different categories listed over in the home page. You can choose the required one and start splunking.
6. Adding a task
I'm adding an example for a simple task which is been added to the Splunk system. Just see my snapshots to understand how I added it. My task is to add /var/log folder to the Splunk system for monitoring.
Open up the Splunk Web interface. Click on the Settings Tab && Choose the Add Data option
2. The Add Data Tab opens up with three options : Upload, Monitor and Forward. Here our task is to monitor a folder, so we go ahead with Monitor.
In the Monitor option, there are four categories as below:
File & Directories : To monitor files/folders
HTTP Event Collector : Monitor data streams over HTTP
TCP/UDP : Monitor Service ports
Scripts : Monitor Scripts
3. According to our purpose, I choose the Files & Directories option.
4. Now, I'm choosing the exact folder path from the server to monitor. Once you confirm with the settings, you can click Next and Review.
5. Now you can start searching and monitoring the log file as required.
You can just see the logs been narrowed to one of my REDIS application on the server.
This is just a simple example for Splunking, you can add as many tasks to this and explore your server data. I hope this article is informative and useful for you. Thank you for reading this :) I recommend your valuable suggestions and comments on this. Now just try Splunk!!
Enjoy Splunking :)
You might also like
Filed Under : ,
Free Linux Ebook to Download
Next Article
Popular Posts
Your Matched Resources
Subscribe To Free Newsletter
Enter email address to subscribe and receive notifications of new posts by email
Join 10400+ Other Subscribers
100% privacy - We will never spam you
100% privacy - We will never spam youopenshift origin v3 centos7 安装记 - 推酷
openshift origin v3 centos7 安装记
草稿 整理中
安装git,vim,httpd-tools
yum install vim git httpd-tools -y
关闭防火墙及selinux
systemctl stop firewalld
systemctl disable firewalld
sed -i 's/SELINUX\=enforcing/SELINUX\=disabled/g' /etc/selinux/config
安装docker
wget -qO- / | sh
systemctl enable docker
设置docker
vim /usr/lib/systemd/system/docker.service
在启动docker的后面添加 这个地址需要按照实际情况定义 后面可修改
--insecure-registry&172.30.0.0/16
启动docker
systemctl start docker
下载openshift origin 包
wget /openshift/origin/releases/download/v1.1.0.1/openshift-origin-server-v1.1.0.1-bf56e23-linux-64bit.tar.gz
已发表评论数()
请填写推刊名
描述不能大于100个字符!
权限设置： 公开
仅自己可见
正文不准确
标题不准确
排版有问题
主题不准确
没有分页内容
图片无法显示
视频无法显示
与原文不一致全球最新的免费资源发布区
OpenShift Redhat免费空间登录管理和使用:下载文件安装程序和应用
& 日 16:50 &
原来的那一篇收到的评论实在是太多了,目前已经超过了800条了,如果文章页面超过了1000条评论那可真是个奇迹了。虽然部落已经用做了缓存加速，但是如果页面太长内容太多的话，打开起来还是有点慢。
尤其是用那些“行将就木”的IE6老式的浏览器打开这个长长的页面就会感觉有些吃力，就OpenShift Redhat免费空间受欢迎程度，足以说明OpenShift空间的优势：1.5G 内存和3G 存储空间，无限流量，可以和一些国内空间相媲美了。
这次再开一篇OpenShift redhat免费空间使用方法与技巧，主要是帮助大家在使用OpenShift Redhat免费空间的过程中遇到的一些实际问题，OpenShift貌似是目前唯一一个敢开S@#给免费用户使用的空间。
充分利用好OpenShift redhat提供的免费S@#管理权限，可以极大地发挥OpenShift Redhat的用途，瞬间下载、搭建网站、制作应用都是很容易的事情。下列云计算平台使用难度高，不推荐新手使用：
1、德国的云计算：
2、多应用平台：
3、AppFog一家：
OpenShift Redhat免费空间S@#登录管理和使用:下载文件安装程序和应用
一、OpenShift Redhat免费空间S@#登录准备条件
1、你至少会使用OpenShift Redhat空间并已经在该空间上成功搭建了Wordpress等应用，否则本篇文章所讲的内容会觉得“跨度大”，其实会了就简单了。
2、OpenShift Redhat免费空间基础教程：
3、电脑上已经安装了，并且已经成功安装了OpenShift client tool工具了。
4、如果你像我一样，之前用过了OpenShift空间但是卸载了软件删除了本地文件夹，想重新连接OpenShift Redhat服务器，基本过程是这样的：
5、输入下列代码安装OpenShift Client。
gem install rhc
6、输入下列代码，登录OpenShift空间并生成公钥和私钥。
7、上图是输入账号登录，然后将公钥和私钥保存在本地。最后软件提示你是否上传新生成的公钥，输入Yes，回车，随便起一个名字，回车就行了。
8、如果你已经成功连接了OpenShift空间，就不需要执行上面的操作了。
二、转换S@#密钥为Putty登录授权的Key
1、S@#登录我们一般使用的是Putty，而Putty登录Linux主机所用的认证私钥文件并不能直接使用以上我们生成的S@#密钥。
2、我们需要用PuTTYgen来将密钥转换一下，这里是。（纯净官方英文版，非汉化）
3、启动PuTTYgen，点击“转换”选择“导入Key”。
4、找到你刚刚执行命令或者以前使用生成的密钥文件，一般是在.S@#文件夹中。
5、导入成功后，然后点击右下角的“保存密钥到本地”。
6、给你的PPK密钥随便取一个名字，保存在本地就行了。
三、使用Putty成功通过S@#登录到OpenShift免费空间
1、启动你的Putty，这里是。
2、复制你的应用的S@#地址，注意看图片中我选择的部分。
3、然后将该地址粘贴在Putty的主机名称中，如下图：
4、在左边的“连接”——“S@#”——“认证”中，导入你刚才生成的PPK文件。
5、确定后，点击打开Putty就开始登录OpenShift空间服务器了，第一次会提示你保存保存密钥。
6、不需要输入用户名和密码，成功通过了密钥与公钥配对后，就会进入OpenShift空间服务器中。如下图：
四、OpenShift空间用S@#命令查看MysqL、空间配置信息和极速下载文件
1、用你的S@#成功进入了OpenShift空间后，执行下列命令。
2、可以看到你的OpenShift空间环境参数，最主要的就是你的MysqL数据库信息：密码、数据库名称、端口、主机地址等。
3、在上一篇关于是用的平台自带的Wordpress应用一键生成的，但是随后我们还得自己修改配置信息等。
4、为了避免上述麻烦，我们可以自己下载文件到OpenShift空间上，而不是从本地上传文件到OpenShift空间上。
5、上次就有朋友给部落留言说，OpenShift开通了S@#，建议使用S@#管理：wget然后解压，速度大概是5~9M每秒，完全可以实际瞬间下载文件的效果。
6、执行下列代码，可以在你的OpenShift空间几秒钟下载Wordpress简体中文包，并保存在dropbox文件中。
7、执行代码时，请将freeh换你自己的{appname}。
mkdir dropbox
cd dropbox
wget https://cn.wordpress.org/wordpress-3.4.2-zh_CN.zip
8、如果你使用Winscp来登录OpenShift空间的话。
9、可以在你的应用中看到已经生成的dropbox文件夹，注意图片中的路径。
10、进入Dropbox文件夹，你就可以看到自己已经下载的文件了。
11、利用Winscp强大的文件管理功能，你可以轻松使用文件复制、解压、删除等操作了。
五、OpenShift Redhat的高级另类应用
PS：日更新，应热心朋友的要求，本篇文章删除之前介绍OpenShift Redhat免费空间S@#另类应用，给部分朋友带来不便深感抱歉。
1、上次我们讲到时，就已经为大家展示了S@#的强大力量，而OpenShift Redhat的S@#账号当然有同样的效果。
2、先在S@#通道中添加一个端口号。如下图：
3、然后在你的浏览器或者其它的应用中添加一个本地的服务器，如下图：
4、同时将它作为默认的本地服务器。
5、完成浏览器设置后，使用Putty登录你的OpenShift Redhat服务器，再打开浏览器，这时候你已经“身在外”了。
6、如果你用的是IE浏览器，请在“局域网设置”中设置好本地服务器。
六、OpenShift空间使用小结
1、其实OpenShift Redhat空间的S@#管理权限更多是让我们来管理空间的，并不是用作“高级”用途，尤其是用作自动备份方面，OpenShift可谓占尽了优势。
2、OpenShift Redhat空间是一个难得的免费空间，如果想要维持长久下去，还得请大家不要滥用。像本篇文章介绍的“高级”应用最好是博主站长圈内交流，用的人越少越好。
文章出自：
版权所有。本站文章除注明出处外，皆为作者原创文章，可自由引用，但请注明来源。
您或许对下面这些文章有兴趣:&&&&&&&&&&&&&&&&&&&&本月吐槽辛苦排行榜
免费资源部落博客、论坛、问吧的创建者
经常混迹于各种免费资源中，尝鲜后乐于分享给他人。用WP搭建了部落博客，没事儿就折腾Wordpress，喜欢找免费空间，但只求精，稳定，耐用。有时也会介绍一点关于建站的知识和主机、服务器的使用心得与体会。
TA的专栏：&&|&&
关于本文的作者
所属分类：
链接地址：
浏览前页：
浏览后页：
部落快速搜索栏
热门点击排行榜
网站导航栏
免费资源重点推荐
最新文章推荐
部落最新评论列表
部落本月最受关注的热点
(热度73℃) (热度71℃) (热度66℃) (热度63℃) (热度61℃) (热度58℃) (热度58℃) (热度56℃) (热度52℃) (热度51℃) (热度51℃) (热度46℃) (热度43℃) (热度42℃) (热度41℃) (热度41℃) (热度40℃)
部落本月踩得最多的宝贝
(踩6,005次) (踩3,548次) (踩3,484次) (踩3,347次) (踩2,613次) (踩2,495次) (踩2,335次) (踩2,182次) (踩2,110次) (踩2,079次)
免费资源部落，是一个致力发布和推广来自世界各地的免费资源，包括多样实用的免费空间、各种优秀的免费软件、各样可用的免费网盘等个人博客网站。站长qi是一位很普通不过的人，长期关注网络空间、互联网、软件应用、程序开发与设计、网络应用等。免费资源部落成立的目的就是希望与更多人分享网络快乐与精彩！本站持续修改完善中，如遇不便还请谅解^_^温馨提示！由于新浪微博认证机制调整，您的新浪微博帐号绑定已过期，请重新绑定！&&|&&
LOFTER精选
网易考拉推荐
用微信&&“扫一扫”
将文章分享到朋友圈。
用易信&&“扫一扫”
将文章分享到朋友圈。
### Tweak for systemd way of setting INSECURE_REGISTRY### Ref: /engine/admin/systemd/mkdir -p /etc/systemd/system/docker.service.d
cat & /etc/systemd/system/docker.service.d/override.conf && '__EOF__'
ExecStart=
ExecStart=/usr/bin/docker daemon --storage-driver=overlay --insecure-registry 172.30.0.0/16 -H fd://
systemctl daemon-reload
systemctl enable docker
systemctl restart dockerFix DNS (as needed)tee -a /etc/hosts && '__EOF__'
192.168.1.145 osv3-single
__EOF__Step 2: Get the binariesmkdir /opt/openshift-origin-v1.2
chmod 755 /opt /opt/openshift-origin-v1.2
cd /opt/openshift-origin-v1.2
wget https://<//openshift/origin/releases/download/v1.2.0-rc1/openshift-origin-server-v1.2.0-rc1-061e6d4-linux-64bit.tar.gz
tar -zxvf openshift-origin-server-*.tar.gz --strip-components 1
rm -f openshift-origin-server-*.tar.gzStep 3: Set and load the environmentscat & /etc/profile.d/openshift.sh && '__EOF__'
export OPENSHIFT=/opt/openshift-origin-v1.2
export OPENSHIFT_VERSION=v1.2.0-rc1
export PATH=$OPENSHIFT:$PATH
export KUBECONFIG=$OPENSHIFT/openshift.local.config/master/admin.kubeconfig
export CURL_CA_BUNDLE=$OPENSHIFT/openshift.local.config/master/ca.crt
__EOF__chmod 755 /etc/profile.d/openshift.sh
. /etc/profile.d/openshift.sh# optional: pre-fetch required docker images
docker pull openshift/origin-pod:$OPENSHIFT_VERSION
docker pull openshift/origin-sti-builder:$OPENSHIFT_VERSION
docker pull openshift/origin-docker-builder:$OPENSHIFT_VERSION
docker pull openshift/origin-deployer:$OPENSHIFT_VERSION
docker pull openshift/origin-docker-registry:$OPENSHIFT_VERSION
docker pull openshift/origin-haproxy-router:$OPENSHIFT_VERSIONStep 4a: Generate OpenShift V3 configuration files./openshift start --write-config=openshift.local.config
chmod +r $OPENSHIFT/openshift.local.config/master/admin.kubeconfig
chmod +r $OPENSHIFT/openshift.local.config/master/openshift-registry.kubeconfig
chmod +r $OPENSHIFT/openshift.local.config/master/openshift-router.kubeconfigOptional: change the default router subdomain in master-config.yamlsed -i 's/router.default.svc.cluster.local//' \
$OPENSHIFT/openshift.local.config/master/master-config.yamlStep 4b: Add firewall rulesfirewall-cmd --permanent --zone=public --add-port=80/tcp
firewall-cmd --permanent --zone=public --add-port=443/tcp
firewall-cmd --permanent --zone=public --add-port=8443/tcp
firewall-cmd --reloadStep 4c: Launch OpenShift V3nohup ./openshift start &Or install as serviced daemon and then launch.cat & /etc/systemd/system/openshift-origin.service && '__EOF__'
Description=Origin Master Service
After=docker.service
Requires=docker.service
Restart=always
RestartSec=10s
ExecStart=/opt/openshift-origin-v1.2/openshift start
WorkingDirectory=/opt/openshift-origin-v1.2
WantedBy=multi-user.target
systemctl daemon-reload
systemctl enable openshift-origin
systemctl start openshift-originBasic product installation is completed. Congratulations![root@osv3-single openshift-origin-v1.1]# oc login -u system:admin -n default
You have access to the following projects and can switch between them with 'oc project &projectname&':
* default (current)
* openshift
* openshift-infra
Using project "default".Step 5a: Create an admin account# to create an admin user for management
oadm policy add-cluster-role-to-user cluster-admin adminStep 5b: Install the integrated registry (new version has simplified the process)mkdir /opt/openshift-registry
chcon -Rt svirt_sandbox_file_t /opt/openshift-registry
chown 1001.root /opt/openshift-registry
oadm policy add-scc-to-user privileged -z registry
oadm registry --service-account=registry --mount-host=/opt/openshift-registry[root@osv3-single openshift-origin-v1.2]# oc get svc docker-registry
CLUSTER-IP
EXTERNAL-IP
docker-registry
172.30.1.10
10mStep 5c: Install the routeroadm policy add-scc-to-user hostnetwork -z router
oadm router router --replicas=1 --service-account=routerVerify:[root@osv3-single openshift-origin-v1.2]# oc status
In project default on server https://192.168.1.145:8443
svc/docker-registry - 172.30.1.10:5000
dc/docker-registry deploys docker.io/openshift/origin-docker-registry:v1.2.0-rc1
deployment #1 deployed 9 minutes ago - 1 pod
svc/kubernetes - 172.30.0.1 ports 443, 53, 53
svc/router - 172.30.30.140 ports 80, 443, 1936
dc/router deploys docker.io/openshift/origin-haproxy-router:v1.2.0-rc1
deployment #1 deployed 2 minutes ago - 1 pod
View details with 'oc describe &resource&/&name&' or list everything with 'oc get all'.Step 6: Install the default image-streams (after registry is deployed and live)cd ~
git clone https://<//openshift/openshift-ansible.git
cd openshift-ansible/roles/openshift_examples/files/examples/latest/
for f in image-streams/image-streams-centos7. do cat $f | oc create -n openshift -f -; done
for f in db-templates/*. do cat $f | oc create -n openshift -f -; done
for f in quickstart-templates/*. do cat $f | oc create -n openshift -f -; doneEnjoy!
用微信&&“扫一扫”
将文章分享到朋友圈。
用易信&&“扫一扫”
将文章分享到朋友圈。
历史上的今天
在LOFTER的更多文章
loftPermalink:'',
id:'fks_',
blogTitle:'Install the latest OpenShift V3 on CentOS 7.x',
blogAbstract:'Install the latest OpenShift V3 on CentOS 7.x',
blogTag:'',
blogUrl:'blog/static/',
isPublished:1,
istop:false,
modifyTime:0,
publishTime:1,
permalink:'blog/static/',
commentCount:0,
mainCommentCount:0,
recommendCount:0,
bsrk:-100,
publisherId:0,
recomBlogHome:false,
currentRecomBlog:false,
attachmentsFileIds:[],
groupInfo:{},
friendstatus:'none',
followstatus:'unFollow',
pubSucc:'',
visitorProvince:'',
visitorCity:'',
visitorNewUser:false,
postAddInfo:{},
mset:'000',
remindgoodnightblog:false,
isBlackVisitor:false,
isShowYodaoAd:false,
hostIntro:'',
selfRecomBlogCount:'0',
lofter_single:''
{list a as x}
{if x.moveFrom=='wap'}
{elseif x.moveFrom=='iphone'}
{elseif x.moveFrom=='android'}
{elseif x.moveFrom=='mobile'}
${a.selfIntro|escape}{if great260}${suplement}{/if}
{list a as x}
推荐过这篇日志的人：
{list a as x}
{if !!b&&b.length>0}
他们还推荐了：
{list b as y}
转载记录：
{list d as x}
{list a as x}
{list a as x}
{list a as x}
{list a as x}
{if x_index>4}{break}{/if}
${fn2(x.publishTime,'yyyy-MM-dd HH:mm:ss')}
{list a as x}
{if !!(blogDetail.preBlogPermalink)}
{if !!(blogDetail.nextBlogPermalink)}
{list a as x}
{if defined('newslist')&&newslist.length>0}
{list newslist as x}
{if x_index>7}{break}{/if}
{list a as x}
{var first_option =}
{list x.voteDetailList as voteToOption}
{if voteToOption==1}
{if first_option==false},{/if}&&“${b[voteToOption_index]}”&&
{if (x.role!="-1") },“我是${c[x.role]}”&&{/if}
&&&&&&&&${fn1(x.voteTime)}
{if x.userName==''}{/if}
网易公司版权所有&&
{list x.l as y}
{if defined('wl')}
{list wl as x}{/list}