Install Splunk Enterprise
These steps apply only to Splunk Enterprise. If you're using Splunk Cloud Platform, go to Navigating Splunk Web.
You can install Splunk Enterprise on the following operating systems.
For other installers or other supported operating systems, see the step-by-step installation instructions for those platforms. After installing Splunk Enterprise, you can continue to Navigating Splunk Web.
Linux installation instructions
Splunk Enterprise provides three Linux installer options: an RPM, a DEB, or a .tgz file.
Prerequisite
You must have access to a command-line interface (CLI). When you type in the installation commands, replace splunk_package_name
with the file name of the Splunk Enterprise installer that you downloaded.
Install the Splunk Enterprise RPM
You can install the Splunk Enterprise RPM in the default directory /opt/splunk
, or in a different directory.
- Use the CLI to install Splunk Enterprise.
- To install into the default directory, type
rpm -i splunk_package_name.rpm
. - To install into a different directory, add the
--prefix
flag to the installation command.
For example, typerpm -i --prefix=/opt/new_directory splunk_package_name.rpm
.
- To install into the default directory, type
- Go to the steps to Launch Splunk Web.
Install the Splunk Enterprise DEB package
- You can install the Splunk Enterprise DEB only into the
/opt/splunk
directory. - This location must be a regular directory, and cannot be a symbolic link.
- You must have access to the root user or have sudo permissions to install the package.
- The package does not create environment variables to access the Splunk Enterprise installation directory. You must set those variables on your own.
If you need to install Splunk Enterprise somewhere else, or if you use a symbolic link for /opt/splunk
, then use a TAR file to install the software.
- In the CLI, type
dpkg -i splunk_package_name.deb
. - Go to the steps to Launch Splunk Web.
Install the Splunk Enterprise .tgz file
Knowing the following items helps ensure a successful installation with a compressed TAR file:
- Some non-GNU versions of
tar
might not have the-C
argument available. In this case, to install in/opt/splunk
, eithercd
to/opt
or place the tar file in/opt
before you run thetar
command. This method works for any accessible directory on your host file system. - Splunk Enterprise does not create the
splunk
user. If you want Splunk Enterprise to run as a specific user, you must create the user manually before you install. - Confirm that the disk partition has enough space to hold the uncompressed volume of the data you plan to keep indexed.
- To install Splunk Enterprise on a Linux system, expand the TAR file into an appropriate directory using the
tar
command. The default installation directory issplunk
in the current working directory.
To install into/opt/splunk
, use the following command with the-C
argument.
tar xvzf splunk_package_name.tgz -C /opt
- Go to the steps to Launch Splunk Web.
Windows installation instructions
For this tutorial you will install Splunk Enterprise using the default installation settings, which run the software as the Local System user, admin
.
- Navigate to the folder or directory where the installer is located.
- Double-click the
splunk.msi
file to start the installer. - In the Welcome panel, read the License Agreement and click Check this box to accept the license agreement.
- Click Next.
- A terminal window appears and you are prompted to specify an administrator userid and password to use with the Splunk Trial.
The password must be at least 8 characters in length. The cursor will not advance as you type.
Make note of the userid and password. You will use these credentials to login Splunk Enterprise. - Click Next.
- (Optional) You are prompted to create a shortcut on the Start Menu. If you want to do this, click Create Start Menu shortcut.
- Click Install.
- In the Installation Complete panel, confirm that the Launch browser with Splunk check box is selected.
- Click Finish.
The installation finishes, Splunk Enterprise starts, and Splunk Web launches in a browser window. - Go to the steps to Launch Splunk Web.
For other user options or to perform a custom installation, see the instructions for Install on Windows in the Installation Manual.
macOS installation instructions
Splunk Enterprise is supported only on versions 10.14 and 10.15.
- Navigate to the folder or directory where the installer is located.
- Double-click the DMG file.
A Finder window that contains thesplunk.pkg
opens. - Double-click the
Install Splunk
icon to start the installer. - The Introduction panel lists version and copyright information. Click Continue.
- The License panel lists shows the software license agreement. Click Continue.
- You will be asked to agree to the terms of the software license agreement. Click Agree.
- In the Installation Type panel, click Install. This installs Splunk Enterprise in the default directory
/Applications/splunk
. - You are prompted to type the password that you use to login to your computer.
- When the installation finishes, a popup informs you that an initialization must be performed. Click OK.
- A terminal window appears and you are prompted to specify an administrator userid and password to use with the Splunk Trial.
The password must be at least 8 characters in length. The cursor will not advance as you type.
Make note of the userid and password. You will use these credentials to login Splunk Enterprise. - A popup appears asking what you would like to do. Click Start and Show Splunk. The login page for Splunk Enterprise opens in your browser window.
- Close the Install Splunk window.
The installer places a shortcut on the Desktop so that you can launch Splunk Enterprise from your Desktop any time.
- Go to the steps to Launch Splunk Web.
Next step
See also
Install on Linux in the Installation Manual.
What you need for this tutorial | Launch Splunk Web |
This documentation applies to the following versions of Splunk Cloud Platform™: 9.3.2408, 8.2.2201, 8.2.2202, 8.2.2203, 9.0.2208, 8.2.2112, 9.0.2205, 9.0.2209, 9.0.2303, 9.0.2305, 9.1.2308, 9.1.2312, 9.2.2403, 9.2.2406 (latest FedRAMP release)
Feedback submitted, thanks!