-
Notifications
You must be signed in to change notification settings - Fork 0
/
setup_splunk
executable file
·31 lines (25 loc) · 1.19 KB
/
setup_splunk
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
#!/bin/bash
SPLUNK_VERSION=5.0.4
# Currently supported versions are:
# 3.4, 3.4.1, 3.4.2, 3.4.3, 3.4.5,
# 3.4.6, 3.4.8, 3.4.9, 3.4.10, 3.4.11,
# 3.4.12, 3.4.13, 3.4.14, 4.0.1, 4.0.2,
# 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7,
# 4.0.8, 4.0.9, 4.0.10, 4.0.11, 4.1,
# 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.1.5,
# 4.1.6, 4.1.7, 4.1.8, 4.2, 4.2.1,
# 4.2.2, 4.2.3, 4.2.4, 4.2.5, 4.3,
# 4.3.2, 4.3.3, 4.3.4, 4.3.5, 4.3.6,
# 5.0, 5.0.1, 5.0.2, 5.0.3,
# To upgrade for future versions:
# cd data
# perl refresh_releases.pl
# I had to add the current version manually, I'll add it to the script one day...
. /home/vagrant/data/settings
sudo su -c "cd /opt;tar xfz /home/vagrant/data/install/$SPLUNK_ENT_INST;chown -R vagrant:vagrant /opt/splunk"
$SPLUNK_HOME/bin/splunk start --accept-license > /dev/null
$SPLUNK_HOME/bin/splunk edit user $SPLUNK_ADMIN_USERNAME -password $SPLUNK_ADMIN_PASSWORD -role admin -auth $SPLUNK_ADMIN_USERNAME:changeme > /dev/null
sudo su -c "/opt/splunk/bin/splunk enable boot-start -user vagrant > /dev/null"
$SPLUNK_HOME/bin/splunk restart > /dev/null
echo Vagrant has mapped your Splunk Web interface to http://localhost:8000/
echo Credentials are $SPLUNK_ADMIN_USERNAME / $SPLUNK_ADMIN_PASSWORD