Documentation > Splunk > Installation Manual > Install on Solaris

Installation Manual

 


Welcome to the Splunk Installation Manual
Step by step installation procedures
Start Splunk for the first time
Upgrade from an earlier version
Other setup tasks
What comes next?
Reference

Install on Solaris

This documentation does not apply to the most recent version of Splunk. Click here for the latest version.

Contents

Install on Solaris

This topic provides the procedures for installing Splunk on Solaris.

Upgrading?

If you are upgrading, first review the upgrade documentation later in this manual and check READ THIS FIRST for any migration considerations before proceeding to the instructions in this topic.

Install Splunk

Splunk for Solaris is available as a PKG file or a tarball.

PKG file install

The PKG installation package includes a request file that prompts you to answer a few questions before Splunk installs. 

pkgadd -d ./splunk_product_name.pkg

A list of the available packages is displayed.

  • Select the packages you wish to process (the default is "all").

The installer then prompts you to specify a base installation directory.

  • To install into the default directory, /opt/splunk, leave this blank.

PKG file upgrade

To upgrade an existing Splunk installation using a PKG file, you should use the instance parameter, either in the system's default package installation configuration file (/var/sadm/install/admin/default) or in a custom configuration file that you define and call.

In the default or custom configuration file, set instance=overwrite. This will prevent the upgrade from creating a second splunk package (with instance=unique), or failing (with instance=quit). For information about the instance parameter, see the Solaris man page (man -s4 admin).

To upgrade Splunk using the system's default package installation file, use the same command line as you would for a fresh install. 

pkgadd -d  ./splunk_product_name.pkg

You will be prompted to overwrite any changed files, answer yes to every one.

To upgrade using a custom configuration file, type: 

pkgadd -a conf_file -d ./splunk_product_name.pkg

To run the upgrade silently (and not have to answer yes for every file overwrite), type: 

pkgadd -n -d  ./splunk_product_name.pkg

Tarball install

To install Splunk on a Solaris system, expand the tarball into an appropriate directory using the tar command: 

tar xvzf splunk_package_name.tgz

The default install directory is splunk in the current working directory. To install into /opt/splunk, use the following command: 

tar xvzf splunk_package_name.tgz -C /opt

Note: When you install Splunk with a tarball:

  • Some non-GNU versions of tar might not have the -C argument available. In this case, if you want to install in /opt/splunk, either cd to /opt or place the tarball in /opt before running the tar command. This method will work for any accessible directory on your machine's filesystem.
  • Splunk does not create the splunk user automatically. If you want Splunk to run as a specific user, you must create the user manually before installing.
  • Ensure that the disk partition has enough space to hold the uncompressed volume of the data you plan to keep indexed.

What gets installed

Splunk package info: 

pkginfo -l splunk

List all packages: 

pkginfo

Start Splunk

Splunk can run as any user on the local system. If you run Splunk as a non-root user, make sure that Splunk has the appropriate permissions to read the inputs that you specify. For more information, refer to the instructions on running Splunk as a non-root user.

To start Splunk from the command line interface, run the following command from $SPLUNK_HOME/bin directory (where $SPLUNK_HOME is the directory into which you installed Splunk): 

 ./splunk start


By convention, Splunk's documentation uses:

  • $SPLUNK_HOME to identify the path to your Splunk installation.
  • $SPLUNK_HOME/bin/ to indicate the location of the command line interface.

Startup options

The first time you start Splunk after a new installation, you must accept the license agreement. To start Splunk and accept the license in one step: 

 $SPLUNK_HOME/bin/splunk start --accept-license

Note: There are two dashes before the accept-license option.

Launch Splunk Web and log in

After you start Splunk and accept the license agreement,

1. In a browser window, access Splunk Web at http://mysplunkhost:port, where:

  • mysplunkhost is the host machine.
  • port is the port you specified during the installation (8000).

2. Splunk Web prompts you for login information (default, username admin and password changeme) before it launches. If you switch to Splunk Free, you will bypass this logon page in future sessions.

What's next?

Now that you've installed Splunk, what comes next?

Uninstall Splunk

Use your local package management commands to uninstall Splunk. In most cases, files that were not originally installed by the package are retained. These files include your configuration and index files which are under your installation directory. 

pkgrm splunk
Retrieved from "http://docs.splunk.com/Documentation/Splunk/4.3.2/Installation/InstallonSolaris"

This documentation applies to the following versions of Splunk: 4.3 , 4.3.1 , 4.3.2 , 4.3.3 , 4.3.4 , 4.3.5 , 4.3.6 View the Article History for its revisions.


You must be logged into splunk.com in order to post comments. Log in now.

Was this documentation topic helpful?

If you'd like to hear back from us, please provide your email address:

We'd love to hear what you think about this topic or the documentation as a whole. Feedback you enter here will be delivered to the documentation team.

Feedback submitted, thanks!