Splunk Cloud Platform

Search Tutorial

Install Splunk Enterprise

These steps apply only to Splunk Enterprise. If you're using Splunk Cloud Platform, go to Navigating Splunk Web.

You can install Splunk Enterprise on the following operating systems.

For other installers or other supported operating systems, see the step-by-step installation instructions for those platforms. After installing Splunk Enterprise, you can continue to Navigating Splunk Web.

Linux installation instructions

Splunk Enterprise provides three Linux installer options: an RPM, a DEB, or a .tgz file.

Prerequisite
You must have access to a command-line interface (CLI). When you type in the installation commands, replace splunk_package_name with the file name of the Splunk Enterprise installer that you downloaded.

Install the Splunk Enterprise RPM

You can install the Splunk Enterprise RPM in the default directory /opt/splunk, or in a different directory.

  1. Use the CLI to install Splunk Enterprise.
    • To install into the default directory, type rpm -i splunk_package_name.rpm.
    • To install into a different directory, add the --prefix flag to the installation command.
      For example, type rpm -i --prefix=/opt/new_directory splunk_package_name.rpm.
  2. Go to the steps to Launch Splunk Web.

Install the Splunk Enterprise DEB package

  • You can install the Splunk Enterprise DEB only into the /opt/splunk directory.
  • This location must be a regular directory, and cannot be a symbolic link.
  • You must have access to the root user or have sudo permissions to install the package.
  • The package does not create environment variables to access the Splunk Enterprise installation directory. You must set those variables on your own.

If you need to install Splunk Enterprise somewhere else, or if you use a symbolic link for /opt/splunk, then use a TAR file to install the software.

  1. In the CLI, type dpkg -i splunk_package_name.deb.
  2. Go to the steps to Launch Splunk Web.

Install the Splunk Enterprise .tgz file

Knowing the following items helps ensure a successful installation with a compressed TAR file:

  • Some non-GNU versions of tar might not have the -C argument available. In this case, to install in /opt/splunk, either cd to /opt or place the tar file in /opt before you run the tar command. This method works for any accessible directory on your host file system.
  • Splunk Enterprise does not create the splunk user. If you want Splunk Enterprise to run as a specific user, you must create the user manually before you install.
  • Confirm that the disk partition has enough space to hold the uncompressed volume of the data you plan to keep indexed.
  1. To install Splunk Enterprise on a Linux system, expand the TAR file into an appropriate directory using the tar command. The default installation directory is splunk in the current working directory.

    To install into /opt/splunk, use the following command with the -C argument.
    tar xvzf splunk_package_name.tgz -C /opt
    
  2. Go to the steps to Launch Splunk Web.

Windows installation instructions

For this tutorial you will install Splunk Enterprise using the default installation settings, which run the software as the Local System user, admin.

  1. Navigate to the folder or directory where the installer is located.
  2. Double-click the splunk.msi file to start the installer.
  3. In the Welcome panel, read the License Agreement and click Check this box to accept the license agreement.
  4. Click Next.
  5. A terminal window appears and you are prompted to specify an administrator userid and password to use with the Splunk Trial.

    The password must be at least 8 characters in length. The cursor will not advance as you type.
    Make note of the userid and password. You will use these credentials to login Splunk Enterprise.

  6. Click Next.
  7. (Optional) You are prompted to create a shortcut on the Start Menu. If you want to do this, click Create Start Menu shortcut.
  8. Click Install.
  9. In the Installation Complete panel, confirm that the Launch browser with Splunk check box is selected.
  10. Click Finish.
    The installation finishes, Splunk Enterprise starts, and Splunk Web launches in a browser window.
  11. Go to the steps to Launch Splunk Web.

For other user options or to perform a custom installation, see the instructions for Install on Windows in the Installation Manual.

macOS installation instructions

Splunk Enterprise is supported only on versions 10.14 and 10.15.

  1. Navigate to the folder or directory where the installer is located.
  2. Double-click the DMG file.
    A Finder window that contains the splunk.pkg opens.
  3. Double-click the Install Splunk icon to start the installer.
  4. The Introduction panel lists version and copyright information. Click Continue.
  5. The License panel lists shows the software license agreement. Click Continue.
  6. You will be asked to agree to the terms of the software license agreement. Click Agree.
  7. In the Installation Type panel, click Install. This installs Splunk Enterprise in the default directory /Applications/splunk.
  8. You are prompted to type the password that you use to login to your computer.
  9. When the installation finishes, a popup informs you that an initialization must be performed. Click OK.
  10. A terminal window appears and you are prompted to specify an administrator userid and password to use with the Splunk Trial.

    The password must be at least 8 characters in length. The cursor will not advance as you type.
    Make note of the userid and password. You will use these credentials to login Splunk Enterprise.

  11. A popup appears asking what you would like to do. Click Start and Show Splunk. The login page for Splunk Enterprise opens in your browser window.
  12. Close the Install Splunk window.

    The installer places a shortcut on the Desktop so that you can launch Splunk Enterprise from your Desktop any time.

  13. Go to the steps to Launch Splunk Web.

Next step

Launch Splunk Web

See also

Install on Linux in the Installation Manual.

Last modified on 23 June, 2022
What you need for this tutorial   Launch Splunk Web

This documentation applies to the following versions of Splunk Cloud Platform: 9.2.2406 (latest FedRAMP release), 8.2.2201, 8.2.2202, 8.2.2203, 9.0.2205, 9.0.2208, 9.0.2209, 9.0.2303, 9.0.2305, 9.1.2308, 9.1.2312, 9.2.2403, 8.2.2112


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters