If you are interested in ethical hacking, Splunk is probably on your list of tools. In this blog post we will show you how to install it.

Installing Splunk on the Ubuntu VM

You can go to the following link and download and create your own virtual machine.



The first step to start using Splunk on the Ubuntu VM is to download the .deb file. To do this, use the wget command to download the file directly from the official website. It should look like this:

wget -c  -O splunklight.deb  \ (Enter)



Once you’ve downloaded the .deb file, upload it to your Ubuntu server and place it in a temporary directory.

After that, run the following commands. The first one flushes all existing iptables rules; the other two refresh the package lists and apply any updates our system may require to run Splunk without problems:

sudo "$(which iptables)" -F && \
sudo apt-get update && \
sudo apt-get upgrade -y

After that, install the Splunk server with the dpkg command. The filename of the .deb file may change as new versions are made available, so make sure the name matches the file you downloaded.

sudo dpkg -i splunklight.deb
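
The download and dpkg steps above install whatever file wget saved. As an added example (not part of the original post), the script below runs dpkg only if the file matches a SHA-256 value obtained from the vendor and really is a Debian archive. The function names and script name are hypothetical, and the expected hash is not given on this page.

```shell
#!/bin/sh
# Added example: gate `dpkg -i` on integrity checks of the downloaded package.
# The expected SHA-256 must come from the vendor's download page.

# verify_sha256 FILE EXPECTED -> 0 match, 1 mismatch, 2 bad input
verify_sha256() {
    vs_file=$1
    vs_want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$vs_file" ] || { echo "no such file: $vs_file" >&2; return 2; }
    # Reject empty, truncated or non-hex values so they can never "match".
    case $vs_want in
        ''|*[!0-9a-f]*) echo "expected hash is not hex" >&2; return 2 ;;
    esac
    [ "${#vs_want}" -eq 64 ] || { echo "expected hash is not 64 chars" >&2; return 2; }
    vs_got=$(sha256sum "$vs_file" | cut -d' ' -f1)
    [ "$vs_got" = "$vs_want" ] && return 0
    echo "SHA-256 mismatch: got $vs_got" >&2
    return 1
}

# looks_like_deb FILE -> 0 if FILE starts with the ar archive magic "!<arch>".
# Catches the common case where wget saved an HTML error or login page.
looks_like_deb() {
    [ "$(head -c 7 "$1" | tr -d '\000')" = '!<arch>' ]
}

# install_verified_deb FILE EXPECTED -> installs only if both checks pass.
install_verified_deb() {
    verify_sha256 "$1" "$2" || return 1
    looks_like_deb "$1" || { echo "$1 is not a Debian archive" >&2; return 1; }
    sudo dpkg -i "$1"
}

# Run as: sh verify_install.sh splunklight.deb <sha256 from the vendor>
if [ "$#" -eq 2 ]; then
    install_verified_deb "$1" "$2"
fi
```
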

The log message that appears at the end of the unpacking is caused by a previous version of Splunk on the system; it shouldn’t cause trouble while installing Splunk. Next, we need to create the init.d script so that we can quickly start and stop Splunk.

Change to the default Splunk directory and run the executable file with the commands shown below:

cd /opt/splunk/bin/
sudo ./splunk enable boot-start

Once you have applied these commands, you can press SPACE to view all of the license agreement and then press Y to accept it. Then use the service command shown below to start Splunk:

sudo service splunk start

Now that Splunk has started, point your browser at http://localhost:8000/ (as a recommendation, it is better to access another website before opening the Splunk GUI). Open the URL in the browser and log in with the details below:

User Name: admin

Password: changeme

You now have your Splunk installation up and running. What’s required next is to get data from your various applications, logs, and monitoring tools into Splunk.

Now that we have these statistics, the next step is to import them into another platform for visualization purposes. We recommend continuing with the next module, which explains how to download, install and configure the Splunk Forwarder.



If you are interested in learning more about Splunk, we invite you to review this course.

Advanced Threat Hunting With Splunk
