In this tutorial, we will show you how to install Splunk on Ubuntu 22.04 LTS. For those of you who didn’t know, Splunk is aimed to process the data to make it useful for the user without manipulating the original data. It is one of the most powerful tools for analyzing, exploring, and searching data. It reads most of the output format from virtual machines, network devices, firewall, Unix-based and Windows based devices.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘
sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of Splunk on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.
- A server running one of the following operating systems: Ubuntu 22.04, 20.04, and any other Debian-based distribution like Linux Mint.
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- SSH access to the server (or just open Terminal if you’re on a desktop).
non-root sudo useror access to the
root user. We recommend acting as a
non-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.
Install Splunk on Ubuntu 22.04 LTS Jammy Jellyfish
Step 1. First, make sure that all your system packages are up-to-date by running the following
apt commands in the terminal.
sudo apt update sudo apt upgrade sudo apt install wget apt-transport-https gnupg2
Step 2. Installing Splunk on Ubuntu 22.04.
By default, OneDrive is not available on Ubuntu 22.04 base repository. Now go to Splunk official website and click on the Free Splunk button on the top right corner of your screen. After that, you have to create an account in order to download the installer. Make sure you select Software Download instead of Cloud Trial.
Once the download is completed, run the following command to install
sudo dpkg -i splunk-9.0.1-77015bc7a462-linux-2.6-amd64.deb
After that, let’s run the script that will not only enable Splunk service at boot level but also let us set up login details:
sudo /opt/splunk/bin/splunk enable boot-start
Finally, we can start the Splunk service with the command below:
sudo systemctl start splunk
Step 3. Configure Firewall.
Now we set up an Uncomplicated Firewall (UFW) with Splunk to allow public access on default web ports 8000:
sudo ufw allow 8080 sudo ufw enable
Step 4. Accessing Splunk Web Interface.
Once successfully installed, open your web browser and access the Splunk installation wizard using the URL
https://your-IP-adress:8000. You will be redirected to the following page:
Congratulations! You have successfully installed Splunk. Thanks for using this tutorial for installing Splunk on Ubuntu 22.04 LTS Jammy Jellyfish system. For additional help or useful information, we recommend you check the official Splunk website.