在Ubuntu中中国体育彩票开奖Splunk 7.2.0非常容易。在上一篇文章中,我有一个视频介绍如何在Windows服务器中中国体育彩票开奖Splunk。这次,我将介绍为Ubuntu 18.04中国体育彩票开奖的Splunk 7.2.0的中国体育彩票开奖过程。 Ubuntu正在Google 云 Platform上运行。

1.创建一个新的Ubuntu 18.04 LTS VM 来自GCP->Computer Engine -> VM Instance

2. SSH登录到Ubuntu VM 来自GCP->Computer Engine -> VM Instance

3.从Ubuntu VM下载Splunk

脚本下载链接:

product="splunk"       # values can be : splunk , universalforwarder
 version="7.0.2"        # Splunk product Version
 hash="8c86330ac18"    # specific per Version
 arch="amd64"           # values can be : x86_64 (redhat, tgz), amd64 (ubuntu), x64 (Windows)
 os="linux"             # values can be : linux, windows
 pkg="deb"              # Values can be : tgz, rpm, deb, msi
 
 if [ $pkg = "tgz" ]; then
    filename="${product}-${version}-${hash}-Linux-${arch}.${pkg}"
 elif [ $os = "windows" ]; then
    filename="${product}-${version}-${hash}-${arch}-release.${pkg}"
 else 
    filename="${product}-${version}-${hash}-${os}-2.6-${arch}.${pkg}"
 fi
 
 md5File="${filename}.md5"
 echo $filename         # Verify this is correct
 
 wget "//download.splunk.com/products/splunk/releases/${version}/${os}/${md5File}"
 wget "//download.splunk.com/products/splunk/releases/${version}/${os}/${filename}"
 
 
 # OR
 curl -o "$md5File" "//download.splunk.com/products/splunk/releases/${version}/${os}/${md5File}"
 curl -o "$md5File" "//download.splunk.com/products/splunk/releases/${version}/${os}/${filename}"

使用wget下载Splunk软件包:

[email protected]:~$ echo $filename
splunk-7.2.0-8c86330ac18-linux-2.6-amd64.deb
[email protected]:~$ wget "//download.splunk.com/products/splunk/releases/${version}/${os}/${filename}"
--2018-10-19 23:14:33--  //download.splunk.com/products/splunk/releases/7.2.0/linux/splunk-7.2.0-8c86330ac18-linux-2.6-amd64.deb
Resolving download.splunk.com (download.splunk.com)... 13.35.115.61, 13.35.115.82, 13.35.115.18, ...
Connecting to download.splunk.com (download.splunk.com)|13.35.115.61|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 261290760 (249M) [application/octet-stream]
Saving to: ‘splunk-7.2.0-8c86330ac18-linux-2.6-amd64.deb’

splunk-7.2.0-8c86330ac18-lin 100%[=============================================>] 249.19M  6.09MB/s    in 41s     

2018-10-19 23:15:15 (6.04 MB/s) - ‘splunk-7.2.0-8c86330ac18-linux-2.6-amd64.deb’ saved [261290760/261290760]

[email protected]:~$ wget //download.splunk.com/products/splunk/releases/7.2.0/linux/splunk-7.2.0-8c86330ac18-linux-2.6-amd64.deb



4.中国体育彩票开奖Splunk软件包 

[email protected]:~$ dpkg -i splunk-7.2.0-8c86330ac18-linux-2.6-amd64.deb 
dpkg: error: requested operation requires superuser privilege
[email protected]:~$ sudo su
[email protected]:/home/johnyan_ca# 
[email protected]:/home/johnyan_ca# 
[email protected]:/home/johnyan_ca# dpkg -i splunk-7.2.0-8c86330ac18-linux-2.6-amd64.deb 
Selecting previously unselected package splunk.
(Reading database ... 60641 files and directories currently installed.)
Preparing to unpack splunk-7.2.0-8c86330ac18-linux-2.6-amd64.deb ...
Unpacking splunk (7.2.0) ...
Setting up splunk (7.2.0) ...
complete


[email protected]:/home/johnyan_ca# cd /opt/splunk/bin/
[email protected]:/opt/splunk/bin# ./splunk enable boot-start
SPLUNK SOFTWARE LICENSE AGREEMENT

HIS SPLUNK SOFTWARE LICENSE AGREEMENT ("AGREEMENT") GOVERNS THE LICENSING,
INSTALLATION AND USE OF SPLUNK SOFTWARE. BY DOWNLOADING AND/OR INSTALLING
.
.
.
.[Omitted]
.
.
4.  FORCE MAJEURE. Splunk will not be responsible for any failure or delay in
its performance under these Terms and Conditions due to causes beyond its
reasonable control, including, but not limited to, labor disputes, strikes,
lockouts, shortages of or inability to obtain labor, energy, raw materials or
supplies, war, acts of terror, riot, acts of God or governmental action.

Splunk 软件 License Agreement 10.01.2018
Do you agree with this license? [y/n]: y

This appears to be your first time running this version of Splunk.

Splunk software must create an administrator account during startup. Otherwise, you cannot log in.
Create credentials for the administrator account.
Characters do not appear 上 the screen when you type in credentials.

Please enter an administrator username: 约翰扬
Password must contain at least:
   * 8 total printable ASCII character(s).
Please enter a new password: 
Please confirm new password: 
Copying '/opt/splunk/etc/openldap/ldap.conf.default' to '/opt/splunk/etc/openldap/ldap.conf'.
Generating RSA private key, 2048 bit long modulus
...................................................+++
................................................................................................................+++
e is 65537 (0x10001)
writing RSA key

Generating RSA private key, 2048 bit long modulus
....................+++
.........+++
e is 65537 (0x10001)
writing RSA key

Moving '/opt/splunk/share/splunk/search_mrsparkle/modules.new' to '/opt/splunk/share/splunk/search_mrsparkle/modules'.
Init script installed at /etc/init.d/splunk.
Init script is configured to run at boot.
[email protected]:/opt/splunk/bin# 
[email protected]:/opt/splunk/bin# 
[email protected]:/opt/splunk/bin# service splunk start
[email protected]:/opt/splunk/bin# 

5.防火墙规则更改
在Google 云 Platform VPC网络中打开tcp 8000端口-> Firewall rules

6.添加本地日志文件夹作为数据输入
这是一个添加新的本地文件夹/ var / log作为数据输入的示例。

YouTube视频:

参考文献:

通过 约翰扬

发表评论