Splunk® Enterprise

Search Tutorial

Download manual as PDF

This documentation does not apply to the most recent version of Splunk. Click here for the latest version.
Download topic as PDF

What you need for this tutorial

Before you can start this tutorial, download, install, and start Splunk Enterprise.

If you have access to a running Splunk server instance, skip this section and start with Part 2: Getting started with Splunk.

System requirements

Splunk Enterprise runs on most computing platforms: Linux, UNIX, Windows, and Mac OS. For this tutorial, you need a computer or laptop that meets the specifications listed in the table.

Platform Minimum supported hardware capacity
Non-Windows platforms 1x1.4 GHz CPU, 1 GB RAM
Windows platforms Pentium 4 or equivalent at 2Ghz, 2GB RAM

After you install Splunk, access it using a web browser. Splunk 6.0+ supports the latest versions of Firefox, Chrome, and Safari browsers.

This is a snapshot of the Splunk Enterprise system requirements. See the "System Requirements" topic in the Installation manual.

Download the latest version of Splunk Enterprise

Download the latest version of Splunk Enterprise from the download page on Splunk.com.

If you are not logged into Splunk.com, click the download package to go to a registration form. If you do not have a Splunk.com account, sign up for one.

This tutorial focuses on Linux, Windows, and Mac OS X. The differences between OS-specific functionality are mentioned throughout this tutorial.

  • Splunk provides three install options for Linux, an RPM download for RedHat, a DEB package for Debian Linux, and a tar file installer. For this tutorial, you can use any of these installers.
  • Splunk provides two Windows installers, an MSI file and a compressed zip file. For this tutorial, use the MSI file graphical installer.
  • Splunk provides two Mac OS X installers, a DMG package and a tar file installer. For this tutorial, use the DMG packaged graphical installer.

Splunk licenses

Splunk licenses limit the volume of data that your Splunk installation can index in a single day. Splunk runs with either an Enterprise license or a Free license. When you download Splunk for the first time, you get an Enterprise trial license that expires after 60 days. This trial license entitles the server to 500PM per day indexing volume and all of the Enterprise features. See more about "Types of Splunk licenses" in the Admin manual.

Next steps

The remaining topics of this section take you through installing and starting Splunk Enterprise.

About the Search Tutorial
Install Splunk Enterprise on Linux, Windows, or Mac OS X

This documentation applies to the following versions of Splunk® Enterprise: 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.9, 6.0.10, 6.0.11, 6.0.12, 6.0.13, 6.0.14, 6.0.15, 6.1, 6.1.1, 6.1.2, 6.1.3, 6.1.4, 6.1.5, 6.1.6, 6.1.7, 6.1.8, 6.1.9, 6.1.10, 6.1.11, 6.1.12, 6.1.13, 6.1.14

Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters