VMware admin / Splunk noob: install and configure Splunk

0 Flares Twitter 0 Facebook 0 LinkedIn 0 Email -- 0 Flares ×

In a previous post, I described how is possible to manage at best vSphere logs. One of the most powerful tools existing on the market is for sure Splunk. The licensing model of Splunk is based on the daily amount of log an installed system can handle. There is a totally free license, limited to 500 Mb daily amount and without many additional modules (and the one for VMware is among those), or the Enterprise edition, starting from 500 Mb (and many more features) at 5000 USD for the perpetual license or 2000 USD for the year subscription, increasing then from here as log amount increases.

It’s not for sure a product for everybody, but its power really justifies its price.

In this first article, I will show you how to install and configure Splunk.

for my tests, I used a virtual machine with CentOS 6.4 64 bit. There are many supported operating systems, and you can also use Windows or Solaris, or even FreeBSD or Mac OS X.

Once you registered yourself into the Splunk website, you can download the installer binary, in my case an RPM file (38 MB in size). The installation requires really few prerequisites, and you can check everything before starting in this web page.

The installation process is really simple, since it’s only one command:

Once Splunk is installed, you can start it manually, or even better you can register Splunk as a service to be started at boot. To do so, the command is:

In this way, Splunk is registered into the CentOS services, and to start it you can run the usual service syntax:

 

Once Splunk is started, as suggested during the service startup, you can login into the web interface to configure and manage it. After forcing the admin password change (excellent move!), you will find the startup page:

Splunk Home Page

Going into the Manager menu in the upper right, you can configure the Licensing and Settings:

Splunk Manager options

In the next articles, I will show you how to connect a vSphere environment to Splunk to collect and analyze data.

One thought on “VMware admin / Splunk noob: install and configure Splunk

  1. Pretty! This has been an incredibly wonderful post.
    Many thanks for providing this information.

Comments are closed.