Splunk 9.x Enterprise Certified Admin Guide

You're reading from Splunk 9.x Enterprise Certified Admin Guide: Ace the Splunk Enterprise Certified Admin exam with the help of this comprehensive prep guide

Product type Paperback
Published in Aug 2023
Publisher Packt
ISBN-13 9781803230238
Length 256 pages
Edition 1st Edition
Author: Srikanth Yarlagadda

Splunk installation – standalone

As discussed in the preceding section, a single-server deployment consists of a single Splunk instance combining both SH and indexer functionality. The installation actually isn’t part of the admin exam blueprint; however, it is very helpful to get your hands dirty by experiencing Splunk yourself through the Splunk Web, configuration file (.conf), and CLI options that we are going to discuss in upcoming chapters. This section provides instructions for installing Splunk Enterprise 9.0.3 on the Windows operating system. Let's get into it.

Installation system requirements

Let’s look at the system requirements of the computing environment. Splunk Enterprise supports multiple operating system environments. A full list of the supported options is available here: https://tinyurl.com/2tuudjwr. Splunk has the following hardware requirements:

  • A 64-bit Linux or Windows distribution
  • 12 physical CPU cores or 24 vCPU @ 2 GHz or more clock speed per core
  • 12 GB random-access memory (RAM)
  • An x86 64-bit chip architecture
  • 1 GB Ethernet network interface card (NIC)
  • Free disk space of at least 3 GB for installation and more as per indexing needs

My system specifications for where Splunk version 9.0.3 is going to be installed are as follows:

  • 64-bit Windows 11 Pro operating system
  • 6 physical CPU cores (or 12 vCPUs) @ 2.1 GHz clock speed and 16 GB RAM
  • An x86 64-bit AMD chip
  • Plenty of disk space

You might have noticed the physical CPU cores in my PC are fewer than recommended, which is absolutely fine as we are not going to run production workloads on the Splunk instance. Let’s get into the installation steps, as follows.

Installation steps

As a prerequisite, you need a high-speed internet connection to download the Splunk Enterprise free software package from here: https://www.splunk.com/en_us/download.html. If you do not have a Splunk account, then sign up and log in to continue. Choose the installation package by operating system and download the latest version, which is 9.0.3 at the time of writing.

Let’s begin the installation:

  1. Download the .msi file that appears as splunk-9.0.3-dd0128b1f8cd-x64-release.msi. Double-click on it to start the installation. You will be prompted to accept the license with the default installation options. Refer to Figure 1.8 and click the Next button:

Figure 1.8: Installation – license agreement

  2. You will be prompted to enter administrator account credentials. Enter the details. Make sure you remember them as you will need them to log in to the Splunk instance for the first time. Click the Next button (refer to Figure 1.9):

Figure 1.9: Installation – creating administrator account credentials

  3. On the next screen, just click the Install button (refer to Figure 1.10):

Figure 1.10: Installation – click Install to begin

  4. The setup wizard takes a few minutes to install Splunk Enterprise. If all goes well, a final “successfully installed” screen appears, as shown in Figure 1.11. Clicking on the Finish button will launch the browser window:

Figure 1.11: Installation successful

  5. You should observe the first-time login browser window URL: https://127.0.0.1:8000. Here, 8000 is the default Splunk Web port and 127.0.0.1 is the loopback address. Enter the admin credentials created in step 2; then you will be taken to the Splunk Enterprise home page at http://127.0.0.1:8000/en-GB/app/launcher/home:

Figure 1.12: Splunk Enterprise – first-time sign-in page
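
A pre-install integrity check and a post-install listener check for the steps above, as an added PowerShell example that is not from the book. The download path and `$ExpectedHash` are placeholders, the function names are hypothetical, and the `Splunkd` service name and management port 8089 are Splunk defaults assumed here rather than stated on this page.

```powershell
# Added example, not from the book. $Msi path and $ExpectedHash are placeholders.
$Msi          = "$env:USERPROFILE\Downloads\splunk-9.0.3-dd0128b1f8cd-x64-release.msi"
$ExpectedHash = '<SHA512-PUBLISHED-ON-THE-SPLUNK-DOWNLOAD-PAGE>'   # placeholder

function Test-SplunkInstaller {            # hypothetical helper name
    param([string]$Path, [string]$ExpectedSha512)
    # Authenticode: the MSI must carry a valid, trusted publisher signature.
    $sig    = Get-AuthenticodeSignature -FilePath $Path
    # Digest: compare with the value the vendor publishes for this exact file.
    $actual = (Get-FileHash -Path $Path -Algorithm SHA512).Hash
    [pscustomobject]@{
        Signer   = $sig.SignerCertificate.Subject
        SignedOk = ($sig.Status -eq 'Valid')
        HashOk   = ($actual -eq $ExpectedSha512.Trim())   # -eq ignores case
        Sha512   = $actual
    }
}

function Get-SplunkExposure {              # hypothetical helper name
    # Assumed defaults: service 'Splunkd', Splunk Web 8000, management port 8089.
    $svc = Get-Service -Name 'Splunkd' -ErrorAction SilentlyContinue
    $tcp = Get-NetTCPConnection -State Listen -LocalPort 8000, 8089 -ErrorAction SilentlyContinue
    foreach ($l in $tcp) {
        [pscustomobject]@{
            Service  = $svc.Status
            Port     = $l.LocalPort
            Address  = $l.LocalAddress
            Process  = (Get-Process -Id $l.OwningProcess).ProcessName
            # Loopback-only listeners are unreachable from other hosts; a wildcard
            # bind (0.0.0.0 or ::) is reachable wherever the firewall allows it.
            OffBox   = $l.LocalAddress -notin '127.0.0.1', '::1'
        }
    }
}

# Before step 1: refuse to continue unless both checks pass.
$check = Test-SplunkInstaller -Path $Msi -ExpectedSha512 $ExpectedHash
$check | Format-List
if (-not ($check.SignedOk -and $check.HashOk)) {
    throw 'Installer failed signature or hash verification; do not run it.'
}

# After step 5: see which addresses the new instance is listening on.
# Get-SplunkExposure | Format-Table -AutoSize
```

With the placeholder hash left in place the script stops at the `throw`, which is the intended behaviour until a real published value is pasted in.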

The installation is successfully completed. Now, let’s summarize what we learned in this chapter in the next section.
