![]() ![]() If you're looking for additional uses or options for a CLI command object, review the REST API Reference Manual and search for the object name.Įxec, forward-server, index, licenser-pools, licenses, manager, monitor, oneshot, saved-search, search-server, tcp, udp, userġ. Most administrative CLI commands are offered as an alternative interface to the Splunk Enterprise REST API without the need for the curl command. An object is something you perform an action on. See the "Universal parameters" section of Get help with the CLI.Ī command is an action that you can perform. ![]() Some commands can take extra parameters like -uri or -auth.Some commands have a default parameter that can be specified by its value alone.Some commands don't require an object or parameters.The general syntax for a CLI command is this: Read more about setting up and managing Splunk users and roles in the About users and roles topic in the Admin Manual. Most actions require you to have Splunk admin privileges. Your Splunk role configuration dictates what actions (commands) you can execute. If you're looking for details about how to run searches from the CLI, see About CLI searches in the Search Reference. To learn how to uninstall Splunk Enterprise, see Uninstall Splunk Enterprise.This topic discusses the administrative CLI commands, which are the commands used to manage or configure your Splunk server and distributed deployment.įor information about accessing the CLI and what is covered in the CLI help, see the previous topic, Get help with the CLI. See Configure Splunk software to start at boot time. See Start Splunk Enterprise for the first time. Start it and create administrator credentials.Now that you have installed Splunk Enterprise: To view an example on how to change the default shell to bash, see at StackExchange. If you run Debian Linux, consider changing your default shell to be bash. Using the dash shell can result in zombie processes - processes that have completed execution, yet remain in the process table and cannot be killed or removed. Splunk Enterprise expects to run commands using the bash shell, and bash to be available from /bin/sh. On later versions of Debian Linux (for example, Debian Squeeze), the default non-interactive shell is the dash shell. Information on expected default shell and caveats for Debian shells Expand the tar file into an appropriate directory using the tar command:.Confirm that the disk partition has enough space to hold the uncompressed volume of the data you plan to keep indexed.If you want Splunk Enterprise to run as a specific user, you must create the user manually before you install. Splunk Enterprise does not create the splunk user.This method works for any accessible directory on your host file system. In this case, to install in /opt/splunk, either cd to /opt or place the tar file in /opt before you run the tar command. Some non-GNU versions of tar might not have the -C argument available.Knowing the following items helps ensure a successful installation with a tar file: Tar file installation What to know before installing with a tar file If you are upgrading, see How to upgrade Splunk Enterprise for instructions and migration considerations before you upgrade. The universal forwarder is a separate executable, with a different installation package and its own set of installation procedures. To install the Splunk universal forwarder, see Install a *nix universal forwarder in the Universal Forwarder manual. You can install Splunk Enterprise on Linux using RPM or DEB packages or a tar file, depending on the version of Linux your host runs. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |