Splunk is a software platform for searching, analyzing and visualizing the machine-generated data gathered from the websites, applications, sensors, devices, etc. that make up your IT infrastructure and business.
Mainly, Splunk does three things:
- Ingests Data
- Parses, indexes and stores data
- Runs searches on the indexed data
For more info visit: https://www.splunk.com/
Installation
1. Go to the Splunk site and register for a free Splunk account.
- https://www.splunk.com/
2. Go to Products – Free Trials & Downloads
- Download the free 60-day trial
3. Choose your platform and click Download
- Windows
- Linux
- Mac OS
Note: I downloaded the .tgz file, as I'm running Ubuntu
4. Extract the archive with tar
- tar -zxf <filename>.tgz
5. Go into the Splunk bin directory
- cd splunk/bin
- ls
6. Start the service and accept the license (the flag skips the interactive license prompt)
- sudo ./splunk start --accept-license
7. Fill in the information requested (administrator username and password)
- Username: admin1
- Password: administrator123
8. Notice that the service has started and the Splunk web interface is reachable locally
9. We can check the process status
- sudo ./splunk status
10. Open a browser, go to http://127.0.0.1:8000 and log in
- admin1
- administrator1
11. After successful authentication, you land on the main page
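The same steps 4 to 10 as one hardened script (an added example, not from the original notes or from Splunk): it verifies the archive against the digest published on the download page, runs Splunk as a dedicated service account instead of as root via sudo, seeds the admin password from the environment through user-seed.conf rather than typing it at the first-run prompt, and confirms Splunk Web answers on port 8000. SPLUNK_TGZ, SPLUNK_SHA512, SPLUNK_ADMIN_PASSWORD, the splunk service user and the 14-character password policy are this script's assumptions.

```shell
#!/usr/bin/env bash
# Hardened installer for the steps above (added example, not Splunk's own tooling).
# Assumptions: SPLUNK_TGZ is the downloaded archive, SPLUNK_SHA512 the digest shown
# beside it on the Splunk download page, SPLUNK_ADMIN_PASSWORD comes from the
# environment, and "splunk" is a dedicated service account we may create.
set -eu

SPLUNK_HOME="${SPLUNK_HOME:-/opt/splunk}"
SPLUNK_USER="${SPLUNK_USER:-splunk}"              # service account, not root
SPLUNK_ADMIN_USER="${SPLUNK_ADMIN_USER:-admin1}"  # same username as step 7

# Compare the archive with the published digest so a tampered or truncated
# download is never unpacked. Returns 0 on match, 1 otherwise.
verify_archive() {
    local actual
    actual="$(sha512sum "$1" | awk '{print $1}')"
    [ "$actual" = "$2" ]
}

# Local policy for the seeded admin password (an assumption of this script):
# at least 14 characters with both an upper-case letter and a digit.
password_ok() {
    [ "${#1}" -ge 14 ] || return 1
    case "$1" in *[A-Z]*) ;; *) return 1 ;; esac
    case "$1" in *[0-9]*) ;; *) return 1 ;; esac
}

install_splunk() {
    verify_archive "$SPLUNK_TGZ" "$SPLUNK_SHA512" || { echo "checksum mismatch" >&2; return 1; }
    password_ok "$SPLUNK_ADMIN_PASSWORD" || { echo "admin password too weak" >&2; return 1; }
    id "$SPLUNK_USER" >/dev/null 2>&1 || \
        sudo useradd --system --home "$SPLUNK_HOME" --shell /usr/sbin/nologin "$SPLUNK_USER"
    sudo tar -zxf "$SPLUNK_TGZ" -C "$(dirname "$SPLUNK_HOME")"   # unpacks to $SPLUNK_HOME
    sudo chown -R "$SPLUNK_USER:$SPLUNK_USER" "$SPLUNK_HOME"
    # Seed the admin account via user-seed.conf (consumed and removed on first start)
    # instead of a command-line flag, so the password never appears in ps output.
    local seed="$SPLUNK_HOME/etc/system/local/user-seed.conf"
    printf '[user_info]\nUSERNAME = %s\nPASSWORD = %s\n' "$SPLUNK_ADMIN_USER" "$SPLUNK_ADMIN_PASSWORD" |
        sudo -u "$SPLUNK_USER" sh -c "umask 077; mkdir -p '$(dirname "$seed")' && cat > '$seed'"
    # Same start as step 6, but as the service user and with no interactive prompts.
    sudo -u "$SPLUNK_USER" "$SPLUNK_HOME/bin/splunk" start --accept-license --answer-yes --no-prompt
    sudo -u "$SPLUNK_USER" "$SPLUNK_HOME/bin/splunk" status               # step 9
    # Step 10 check: Splunk Web must answer locally before the install counts as done.
    curl -fsS -o /dev/null http://127.0.0.1:8000/
}

# Only run the installer when explicitly requested, so the helpers can be sourced or tested.
if [ "${RUN_SPLUNK_INSTALL:-0}" = 1 ]; then install_splunk; fi
```

Run it with RUN_SPLUNK_INSTALL=1 and the three SPLUNK_* variables set; the password check deliberately rejects the example password from step 7.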