What you need for this tutorial
You need to create a Splunk.com account, access the free trial Splunk software, and download the tutorial data files. There might be other prerequisites, depending on which Splunk platform you use.
Create a Splunk.com account
You need a Splunk.com account to download the free trial Splunk software. If you don't already have a Splunk.com account, you need to create an account. If you already have an account, you need to login to that account.
1. Go to http://www.splunk.com/.
2. Create an account, or login to an existing account.
- To create an account, click My Account > Sign Up. Enter the registration information.
- To log in to an existing account, click My Account > Login.
Ensure that your computer meets the system requirements.
- You can use this tutorial on Linux, Windows, and Mac OS. For this tutorial, your computer must meet the specifications listed in this table.
Requirement Minimum supported hardware capacity Non-Windows platforms 1x1.4GHz CPU, 1GB RAM Windows platforms Pentium 4 or equivalent at 2GHz, 2GB RAM Web browser The latest versions of Chrome, Firefox, and Safari browsers are supported with Splunk Enterprise 6.0+
- You must have a Web browser. The latest versions of Chrome, Firefox, and Safari browsers are supported with Splunk Cloud.
Access the trial version of the Splunk software
For this tutorial, use the latest version of the software.
- If it has been awhile since you downloaded the Splunk Trial software, download the trial software again. It is possible that the Trial license converted to a Free license. The Free license has some limitations. See Splunk trial licenses for more information.
- 1. Identify the installer that you want use with the tutorial.
Operating system Available installers For this tutorial Linux 3 installers. An RPM download for RedHat, a DEB package for Debian Linux, and a TAR file installer. Use any of the installers. Mac OS X 2 installers. A DMG package and a TAR file installer. Use the DMG packaged graphical installer. Windows Splunk Enterprise: 2 installers. An MSI file and a compressed ZIP file. Use the MSI file graphical installer.
- 2. Download the free trial version of the installer for Splunk Enterprise.
- For this tutorial, setup a trial version of Splunk Cloud.
- 1. Start a trial version of Splunk Cloud.
- 2. Follow the prompts on the website. Your trial version opens in a browser window.
- Additionally, an email is sent to you with information about your Splunk Cloud URL.
Download the tutorial data files
This tutorial uses a fictitious game store, called Buttercup Games, that sells games and related items in an online store.
You must download several data files to use with the tutorial. The data files contain web access log files, secure formatted log files, sales log files, and a price list in a CSV file.
1. Download the
tutorialdata.zip file. Do not uncompress the
2. Download the
3. In the download location, uncompress the
Splunk trial licenses
The trial licenses have time limitations and data volume limitations.
- When you download Splunk Enterprise for the first time, you get an Enterprise Trial license for 60 days. This Enterprise Trial license includes all of the features, but limits the amount of data that you can index each day. The limit is 500MB.
- After 60 days, the Enterprise Trial license converts to a Free license and some of the features, such as authentication and alerting, are disabled. The Free license also includes the 500MB each day of indexing volume, but has no expiration date.
- When you start a Splunk Cloud free trial, you have access to Splunk Cloud for 15 days. This Cloud trial license includes all of the features, but limits the amount of data that you can index each day. The limit is 5GB a day for a maximum of 50GB total.
The next step depends on the Splunk product that you are using.
- You must install Splunk Enterprise.
- If you see a window welcoming you to the Splunk Free Cloud Trial and inviting you to Drop your data file here, close that window. You will upload the tutorial data In Part 3. For now, go to Navigating Splunk Web.
About the Search Tutorial
Install Splunk Enterprise on Linux, Windows, or Mac OS X
This documentation applies to the following versions of Splunk® Enterprise: 6.2.0, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.2.8, 6.2.9, 6.2.10, 6.2.11, 6.2.12, 6.2.13, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.3.8, 6.3.9, 6.3.10, 6.3.11, 6.3.12