Continuing the series of Splunk Cluster setup articles with instructions on Installation and Setup of Ubuntu Linux for Splunk Cluster setup.
Contents:
- Setup VMWare Virtual Machine (Azure services)
- Install and Setup Ubuntu Linux (Azure services)
- Install and Setup Splunk
- Indexes Configuration
- Enable Clustering
- Add second Splunk instance to the cluster
- * Potential problems
- Add third Splunk instance to the cluster (Search Head)
Once Ubuntu Linux is installed there are several things we need to do before we install Splunk.
These items are not necessary required, but they will help you manage VM and system better later.
Content:
- Enable SSH
- Install VMWare Tools
Details:
Enable SSH
In order to remotely manage VM without necessary using GUI, I suggest enabling SSH.
- Open Terminal window (Ctrl+Alt+T) and run
sudo apt-get install openssh-server
- Follow prompts and once installation is complete you should be able to SSH into your VM
- To test run this from your terminal window on any machine that’s not VM where 10.10.123.123 is IP address of your VM. Get it by running ifconfig command:
ssh administrator@10.10.123.123
Install VMWare Tools
- Mount The VMWare Tools disk via menu
- Double click on VMWareTools-X.X.X-XXXXX.tar.gz file (file name varies depending on VMWare Fusion version) and select Extract to Desktop
- Open Terminal window (Ctrl+Alt+T) and navigate to that folder:
cd /home/administrator/Desktop/vmware-tools-distrib/
- Now run installation script:
sudo ./vmware-install.pl -d
- Once installed, reboot VM
Let’s now install Splunk