本文共 4164 字，大约阅读时间需要 13 分钟。

Splunk做到了什么

splunk让世界变得简单有序，你确实是在评论一个工具而不是满天飞的超人么。

为什么有那么多人看好splunk

splunk在全球90个国家，拥有7000多个用户，在亚太的客户已高达1000个。我们的客户都在用，但是它的价格是多少呢

splunk enterprise price

splunk cloud

看了一下你也许会说这个没有要多少钱麽，但是请注意收费单位是perGB。算完之后就会发现为什么那么多人会这么看好它，因为它挣钱是如此方便，客户好像还在排着队等着送钱给它，为什么不看好呢。

免费版本

免费版本每天可以处理500M的索引，作为普通的POC或者小规模的客户需求，一般splunk的免费版本也可以满足。我们接下来就来看一下如何使用splunk.

版本信息

下载

下载地址:

下载之前需要先注册个用户，然后到自己的垃圾邮件夹中找到激活文件，将之激活。

解压到安装目录

[root@host34 local]# pwd/usr/local[root@host34 local]# ll /tmp/splunk-6.4.2-00f5bb3fa822-Linux-x86_64.tgz-rw-r--r--. 1 root root 203257486 Aug 21 23:36 /tmp/splunk-6.4.2-00f5bb3fa822-Linux-x86_64.tgz[root@host34 local]# tar xvpf /tmp/splunk-6.4.2-00f5bb3fa822-Linux-x86_64.tgz

启动spluk

[root@host34 bin]# pwd/usr/local/splunk/bin[root@host34 bin]# ./splunk start                    SOFTWARE LICENSE AGREEMENTTHIS SOFTWARE LICENSE AGREEMENT (“AGREEMENT”) GOVERNS THE LICENSING,...省略war, acts of terror, riot, acts of God or governmental action.Do you agree with this license? [y/n]: yThis appears to be your first time running this version of Splunk.Copying '/usr/local/splunk/etc/openldap/ldap.conf.default' to '/usr/local/splunk/etc/openldap/ldap.conf'.Generating RSA private key, 1024 bit long modulus..++++++...++++++e is 65537 (0x10001)writing RSA keyGenerating RSA private key, 1024 bit long modulus.....................................................................++++++....................................++++++e is 65537 (0x10001)writing RSA keyMoving '/usr/local/splunk/share/splunk/search_mrsparkle/modules.new' to '/usr/local/splunk/share/splunk/search_mrsparkle/modules'.Splunk> Like an F-18, bro.Checking prerequisites...        Checking http port [8000]: open        Checking mgmt port [8089]: open        Checking appserver port [127.0.0.1:8065]: open        Checking kvstore port [8191]: open        Checking configuration...  Done.                Creating: /usr/local/splunk/var/lib/splunk                Creating: /usr/local/splunk/var/run/splunk                Creating: /usr/local/splunk/var/run/splunk/appserver/i18n                Creating: /usr/local/splunk/var/run/splunk/appserver/modules/static/css                Creating: /usr/local/splunk/var/run/splunk/upload                Creating: /usr/local/splunk/var/spool/splunk                Creating: /usr/local/splunk/var/spool/dirmoncache                Creating: /usr/local/splunk/var/lib/splunk/authDb                Creating: /usr/local/splunk/var/lib/splunk/hashDb        Checking critical directories...        Done        Checking indexes...                Validated: _audit _internal _introspection _thefishbucket history main summary        DoneNew certs have been generated in '/usr/local/splunk/etc/auth'.        Checking filesystem compatibility...  Done        Checking conf files for problems...        Done        Checking default conf files for edits...        Validating installed files against hashes from '/usr/local/splunk/splunk-6.4.2-00f5bb3fa822-linux-2.6-x86_64-manifest'        All installed files intact.        DoneAll preliminary checks passed.Starting splunk server daemon (splunkd)...Generating a 1024 bit RSA private key............................................++++++...........++++++writing new private key to 'privKeySecure.pem'-----Signature oksubject=/CN=host34/O=SplunkUserGetting CA Private Keywriting RSA keyDone                                                           [  OK  ]Waiting for web server at http://127.0.0.1:8000 to be available.... DoneIf you get stuck, we're here to help.Look for answers here: http://docs.splunk.comThe Splunk web interface is at http://host34:8000[root@host34 bin]#

登录画面

用如下用户登录并修改密码

Portal画面

自带教程，简单易学。

转载地址：https://liumiaocn.blog.csdn.net/article/details/52269734 如侵犯您的版权，请留言回复原文章的地址，我们会给您删除此文章，给您带来不便请您谅解！