
Start and stop Splunk UBA services from the command line
Use some common command line interface (CLI) commands to perform administrative tasks in Splunk UBA.
To run these commands, log in to the Splunk UBA management node as the caspida user.
Task | CLI Commands |
---|---|
Stop and start the Splunk UBA web interface. | Run the following commands on the management node:
sudo service caspida-ui stop sudo service caspida-ui start |
Stop and start the resource monitor services. | Run the following commands on the management node:
sudo service caspida-resourcesmonitor stop sudo service caspida-resourcesmonitor start You can also tail -f /var/log/caspida/monitor/resourcesMonitor.out |
Synchronize configuration changes to all nodes in a distributed deployment. | In any distributed deployment, changes to the /etc/caspida/local/conf/uba-site.properties file must be synchronized to all nodes in the cluster. To do this, run the following command on the management node:
/opt/caspida/bin/Caspida sync-cluster /etc/caspida/local/conf See Manage Splunk UBA configuration properties in the uba-site.properties file for information about setting Splunk UBA configuration properties. |
Stop and start Splunk UBA services only on all nodes. The following services are stopped:
|
Run the following command on the management node:
/opt/caspida/bin/Caspida stop /opt/caspida/bin/Caspida start |
Stop and start Splunk UBA services (listed with the /opt/caspida/bin/Caspida stop/start command) and all dependent platform services on all nodes:
|
Run the following command on the management node:
/opt/caspida/bin/Caspida stop-all /opt/caspida/bin/Caspida start-all |
Stop and start the Splunk UBA containers. | Run the following command on the management node:
/opt/caspida/bin/Caspida stop-containers /opt/caspida/bin/Caspida start-containers |
Stop and start the Splunk UBA data sources. | Run the following command on the management node:
/opt/caspida/bin/Caspida stop-datasources /opt/caspida/bin/Caspida start-datasources |
Check the version number of your Splunk UBA packages. | Run the following command on Ubuntu systems:
wget --version Run the following command on other supported Linux systems: rpm -qa | grep wget |
Get a list of the nodes in your Splunk UBA cluster. | grep caspida.cluster.nodes /opt/caspida/conf/deployment/caspida-deployment.conf |
PREVIOUS Determine which version of Splunk UBA you are running |
NEXT Manage Splunk UBA configuration properties in the uba-site.properties file |
This documentation applies to the following versions of Splunk® User Behavior Analytics: 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.0.4.1, 5.0.5, 5.0.5.1, 5.1.0, 5.1.0.1, 5.2.0, 5.2.1, 5.3.0
Feedback submitted, thanks!