You really should run Splunk as a non-root user. Here’s how to do it:
1. create a new user (if it doesn’t already exist)
– useradd splunk
– passwd splunk
2. Stop splunk
– /opt/splunk/bin/splunk stop
3. give ownership of all splunk files to the “splunk” user
– chown -R splunk:splunk /opt/splunk/
4. set splunk to start up under the “splunk” user at system boot
– /opt/splunk/bin/splunk enable boot-start -user splunk
5. reboot and make sure splunk starts up as expected
– top
If it doesn’t start up, the most likely thing is that for some reason the “splunk” user does not have permissions on some file somewhere.
Thank you for your great information it is useful .Tableau Online Training Bangalore
ReplyDelete