Installing Splunk on Ubuntu 14.04

Download the latest version of Splunk Light (Currently version 6.5) to your download folder.

[email protected]:~/Downloads$ wget -O splunklight-6.5.0-59c8927def0f-Linux-x86_64.tgz ''

Extract the archive to the /opt/ folder.

[email protected]:~/Downloads$ sudo tar zvzf splunklight-6.5.0-59c8927def0f-Linux-x86_64.tgz -C /opt/

Export the folder where Splunk is installed to your environment.

[email protected]:/opt/splunk$ echo 'export SPLUNK_HOME=/opt/splunk/' >> ~/.bashrc 
[email protected]:/opt/splunk$ source ~/.bashrc

Make sure the rights of the /opt/splunk/ folder are correctly set.

[email protected]:/opt$ sudo chown -R jitsejan:root splunk/ 

Enable access to the Splunk web interface by adding a subdomain that links to the right port.

[email protected]:/etc/nginx/sites-available$ sudo nano splunk

Add the following to the configuration file. Change the subdomain and port to the right values for you.

server {
    listen 80;

    location / {
        proxy_pass http://localhost:8888;

Enable the subdomain by creating a system link.

[email protected]:/etc/nginx/sites-available$ sudo ln -s /etc/nginx/sites-available/splunk /etc/nginx/sites-enabled/

And finally restart the server.

[email protected]:/etc/nginx/sites-available$ sudo service nginx restart

Now you can open up the browser and go the the subdomain that you just introduced.