Overview

This guide describes the installation process for Splunk in GEM 2.6. To complete the process, please ensure that you have downloaded the correct version (splunk-x.x.x-x-Linux-x86_64.tgz) of Splunk that you require from the Download Splunk Enterprise page (https://www.splunk.com/en_us/download/splunk-enterprise.html).

If you are planning to use Splunk environments to create Splunk clusters do not use the steps described here.

To check the version of Splunk supported by the GEM OS you have running on our appliances, please check the release notes here: https://support.geminidata.com/releases/.

Installation Procedure

Log in to the web interface as the user 'admin'.

At the Home screen, locate the Splunk window and choose Activate. The Splunk tab is automatically added to the left-hand navigation, and it will automatically redirect to the Splunk menu.

To begin the installation:

  1. Select Daemon.
  2. Select Upload & Install.
  3. Select Upload.
  4. Select the uploaded Linux-x86_64 file from the drop-down menu. You can elect to change the default admin credentials prior to the upload, or you can do so at a later stage.
  5. Select Install.
  6. Select Accept and Install Splunk Enterprise.

As soon as the installation finishes, you are able to optimize Splunk's role on this particular machine. The options are:

  • All-in-one
  • Search Head
  • Indexer
  • Forwarder

Depending on the chosen option, some default settings will be applied to your Splunk configuration. Each item will be written directly into the associated config file in $SPLUNK_HOME/etc/system/local/, overwriting existing keys if they exist. Please review carefully what has been applied to the environment.

Restart Splunk immediately to apply the changes unless you plan to make more configuration changes, in which case 'restart' Splunk when all configuration changes have been applied.