Installing Splunk on the Ubuntu VM

If you are interested in ethical hacking, then Splunk is probably on your list of tools. In this blog we will show you how to install it.

You can go to the following link to download Ubuntu and create your own virtual machine.

https://www.ubuntu.com/download

 

The first step to start using Splunk in our Ubuntu VM is to download the Deb file. To do this, we use the wget command to download the file directly from the official website. It should look like this:

wget -c -O splunklight.deb \
'https://www.splunk.com/bin/splunk/DownloadsActivityServlet?architecture=x86_64&platform=linux&version=6.5.0&product=splunk_light&filename=splunklight-6.5.0-59c8927def0f-linux-2.6-amd64.deb&wget=true'

Once you’ve downloaded the Deb file, upload the file to your Ubuntu server and place it in a temporary directory.

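After that, we can use the following commands to apply any updates our system may require to run Splunk without problems. The first line also flushes all existing iptables rules, so leave it out on a host whose firewall rules you need to keep: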

sudo $(which iptables) -F && \
sudo apt-get update && \
sudo apt-get upgrade -y

After that, use the dpkg command to install the Splunk server. The filename of the .deb file may change as new versions are made available, so make sure that you use the name of the file you have downloaded.

sudo dpkg -i splunklight.deb

The log that appears at the end of the unpacking is caused by a previous version of Splunk on the system; it shouldn’t cause trouble while installing Splunk. Next, we need to create the init.d script so that we can quickly start and stop Splunk.

Change to the default Splunk directory and run the executable file with the commands shown below:

cd /opt/splunk/bin/
sudo ./splunk enable boot-start

Once you have run these commands, you can press SPACE to page through the license agreement and then press Y to accept it. Then use the service command shown below to start Splunk:

sudo service splunk start

Now that Splunk has started, point your browser at http://localhost:8000/ (as a recommendation, it is better to access another website before engaging the Splunk GUI). Open the URL in the browser and log in with the details below:

User Name: admin

Password: changeme

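You now have your Splunk installation up and running. Because admin/changeme is the well-known default login, change the password as soon as you have logged in. What’s required next is to get data from your various applications, logs, and monitoring tools into Splunk.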

Once we have these statistics, the next step is to import them into another platform for visualization purposes. We recommend continuing with the next module, which explains how to download, install and configure the Splunk Forwarder.

Resources:

https://www.splunk.com/


This post was written by Ruben Dario Caravajal Herrera