Splunk Enterprise Installation Script

Splunk Enterprise Installation Script
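This is a simple shell script that installs Splunk Enterprise on Linux. Once the file is created, make it executable with the command chmod +x <filename> and run it. The script uses sudo to create a group and a user and to install under /opt, so run it from an account that is allowed to use sudo.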

#!/bin/bash
#
# SPLUNK ENTERPRISE INSTALLATION SCRIPTS
#
# How to install splunk enterprise # splunk-7.1.0-2e75b3406c5b-Linux-x86_64.tgz
# https://www.splunk.com/en_us/download/splunk-enterprise.html#tabs/linux
#
# wget -O splunk-7.1.0-2e75b3406c5b-Linux-x86_64.tgz 'https://www.splunk.com/bin/splunk/DownloadActivityServlet?architecture=x86_64&platform=linux&version=7.1.0&product=splunk&filename=splunk-7.1.0-2e75b3406c5b-Linux-x86_64.tgz&wget=true'
#

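# --- Service account ----------------------------------------------------------
# Create the dedicated group and user that will own and run Splunk. Each step
# is skipped when the account already exists, so the script can be re-run, and
# the script stops if an account cannot be created.
if getent group splunk >/dev/null; then
  echo "Successfully: splunk group already exists"
elif sudo groupadd splunk; then
  echo "Successfully: splunk group created"
else
  echo "FAILED: splunk group not created" >&2
  exit 1
fi

# Show the exact group entry (getent matches the name, not a substring).
getent group splunk

if getent passwd splunker >/dev/null; then
  echo "Successfully: splunker user already exists"
elif sudo useradd -g splunk splunker; then
  echo "Successfully: splunker user created"
else
  echo "FAILED: splunker user not created" >&2
  exit 1
fi

getent passwd splunker

# The splunker account is deliberately given no sudo rights. Splunk runs
# unprivileged, and every later step that needs root uses the invoking
# administrator's own sudo, so a "splunker ALL=(ALL) NOPASSWD:ALL" rule would
# only turn a compromise of the Splunk process into passwordless root.
# Appending such a rule with `sudo echo ... >> /etc/sudoers` does not work
# either: the redirection is done by the calling shell, not by sudo, and an
# unvalidated edit of /etc/sudoers can lock every user out of sudo.
# If operators do need sudo as splunker, put a narrowly scoped rule in a file
# under /etc/sudoers.d and check it with `visudo -c` before relying on it.
if sudo grep -qw -- splunker /etc/sudoers; then
  echo "WARNING: /etc/sudoers already mentions splunker; review that rule" >&2
fi

# No `sudo su - splunker` here: inside a script it opens an interactive shell
# and stalls the run, and it does not make the following commands run as
# splunker. Use `sudo -u splunker <command>` for individual commands instead.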

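# Download the software splunk-7.1.0-2e75b3406c5b-Linux-x86_64.tgz
#
# The URL has to sit inside plain ASCII single quotes: it contains `&`, and
# with typographic quotes the shell would cut the URL at the first `&` and run
# wget in the background, so the status check would not reflect the download.
# NOTE(review): 7.1.0 is the release this page pins; check whether a currently
# supported release should be installed instead.
splunk_tgz=splunk-7.1.0-2e75b3406c5b-Linux-x86_64.tgz
splunk_url='https://www.splunk.com/bin/splunk/DownloadActivityServlet?architecture=x86_64&platform=linux&version=7.1.0&product=splunk&filename=splunk-7.1.0-2e75b3406c5b-Linux-x86_64.tgz&wget=true'

if wget -O "$splunk_tgz" "$splunk_url"; then
  echo "Successfully: downloaded the software"
else
  echo "FAILED: could not download the software" >&2
  # wget -O leaves an empty or partial file behind; do not let it be extracted.
  rm -f -- "$splunk_tgz"
  exit 1
fi

# Integrity check. The archive is unpacked as root, so its content should be
# pinned before that happens. Export SPLUNK_TGZ_SHA256 with the digest obtained
# from a trusted source to enforce the check; without it the digest is only
# printed so it can be compared by hand.
if [ -n "${SPLUNK_TGZ_SHA256:-}" ]; then
  if printf '%s  %s\n' "$SPLUNK_TGZ_SHA256" "$splunk_tgz" | sha256sum -c -; then
    echo "Successfully: checksum of the software verified"
  else
    echo "FAILED: checksum mismatch for $splunk_tgz" >&2
    rm -f -- "$splunk_tgz"
    exit 1
  fi
else
  echo "WARNING: SPLUNK_TGZ_SHA256 is not set; archive not verified. SHA-256:" >&2
  sha256sum -- "$splunk_tgz" >&2
fi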

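# Unpack the archive under /opt (this creates /opt/splunk).
#
# `wait` replaces the fixed `sleep 20`: if the download is still running as a
# background job of this script it is waited for, however long it takes, and
# when there is no background job `wait` returns immediately.
wait
echo ""
echo ""

# An empty or missing archive means the download did not work; stop before
# anything is written to /opt.
if [ ! -s splunk-7.1.0-2e75b3406c5b-Linux-x86_64.tgz ]; then
  echo "FAILED: splunk-7.1.0-2e75b3406c5b-Linux-x86_64.tgz is missing or empty" >&2
  exit 1
fi

# --no-same-owner: tar run as root would otherwise apply the numeric owner IDs
# recorded in the archive, which may belong to unrelated local accounts.
if sudo tar -xzf splunk-7.1.0-2e75b3406c5b-Linux-x86_64.tgz --no-same-owner -C /opt; then
  echo "Successfully: extracted the software"
else
  echo "FAILED: could not extract the software" >&2
  exit 1
fi

echo ""
echo ""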

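# Hand the whole installation to the unprivileged service account so that
# Splunk never has to run as root. Stop if this fails: starting Splunk on a
# tree it cannot write to leaves a half-initialised installation.
if sudo chown -R splunker:splunk /opt/splunk; then
  echo "Successfully: changed the ownership of /opt/splunk to splunker"
else
  echo "FAILED: could not change the ownership to splunker" >&2
  exit 1
fi

echo ""
echo ""

# List the installation directory so the new owner and group can be checked
# by eye. The messages describe the listing itself, not the chown above.
if sudo ls -l /opt/splunk; then
  echo "Successfully: listed /opt/splunk"
else
  echo "FAILED: could not list /opt/splunk" >&2
fi
echo ""
echo ""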
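# First start, unattended. The options need ASCII double hyphens
# (--accept-license --answer-yes --no-prompt); typographic dashes are passed to
# splunk as unknown arguments.
# The start runs as splunker, not as root: a root-run start leaves root-owned
# files inside /opt/splunk that the service account cannot write later, and it
# runs the whole server with root privileges.
# NOTE(review): on releases that no longer ship a default admin password, an
# unattended first start needs the admin credentials seeded beforehand (Splunk
# documents user-seed.conf for this) - confirm for the version being installed.
if sudo -H -u splunker /opt/splunk/bin/splunk start --accept-license --answer-yes --no-prompt; then
  echo "Successfully: Now start splunk server"
else
  echo "FAILED: splunk server did not start" >&2
  exit 1
fi
echo ""
echo ""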

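# Register Splunk to start at boot. Registering the service needs root, hence
# plain sudo here; `-user splunker` makes the registered service run as the
# unprivileged account rather than as root.
if sudo /opt/splunk/bin/splunk enable boot-start -user splunker; then
  echo "Successfully: splunk init.d as user splunker"
else
  echo "FAILED: splunk init.d as user splunker" >&2
fi

echo ""
echo ""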

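# Report whether splunkd is running. The query runs as splunker so the CLI
# does not create root-owned files inside the installation.
if sudo -H -u splunker /opt/splunk/bin/splunk status; then
  echo "Successfully: splunk server is running"
else
  echo "FAILED: splunk server is not running" >&2
fi

echo ""
echo ""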

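# Print the installed version and the main settings of the new instance.
# All CLI calls run as splunker, the owner of /opt/splunk.
sudo -H -u splunker /opt/splunk/bin/splunk version

echo ""

# No `-auth admin:changeme` on the command line: a password passed as an
# argument is visible in the process list and in shell history, and
# admin:changeme is a publicly known default that must not stay in use.
# `splunk login` prompts for the credentials once instead. The CLI normally
# reuses that session for the following commands; if it cannot store the
# session, each `show` prompts again.
if sudo -H -u splunker /opt/splunk/bin/splunk login; then
  for setting in web-port splunkd-port appserver-ports kvstore-port servername default-hostname; do
    sudo -H -u splunker /opt/splunk/bin/splunk show "$setting"
    echo ""
  done
else
  echo "FAILED: could not log in to splunk; settings not shown" >&2
fi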