- I created a user to run this application and created an application folder for the installation
# groupadd splunk
# useradd -d /opt/splunk -m -g splunk splunk
# su - splunk
- Download Splunk Enterprise version here or wget
# wget https://download.splunk.com/products/splunk/releases/7.0.0/linux/splunk-7.0.0-c8a78efdd40f-Linux-x86_64.tgz
# tar xvf splunk-7.0.0-c8a78efdd40f-Linux-x86_64.tgz
# cp -r splunk/ /opt
# chown -R splunk: /opt/splunk/
- Allow web access on port tcp 8000, syslog on udp 5514
# firewall-cmd --zone=public --permanent --add-port=8000/tcp
# firewall-cmd --zone=public --permanent --add-port=5514/udp
# su - splunk
$ cd bin/
$ ./splunk start --accept-license