Setting up a Splunk Server
Traun Leyden edited this page Nov 10, 2015 · 1 revision
- Launch instance with AMI: ami-6a9ed702
- Instance type: m3.medium
- Storage size: 150 GB
- Volume type: General Purpose SSD
- Security Group customizations
  - TCP and UDP port 514 from anywhere
  - TCP port 8000 from anywhere
  - TCP port 9997 from anywhere
- Log in to your Splunk machine at ip:8000
- It will force you to change the password
- On the left, hit the large + button
- Search for Splunk App for Unix and Linux
- Click Install Free
- Log in to your Splunk machine at ip:8000
- Go to Settings / Forwarding and Receiving
- Next to Configure Receiving, click Add New
- Enter 9997 for the port
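
The security group step above opens 514, 8000 and 9997 to any source address. The following check is an added example, not part of the original wiki page or the project: it audits a security group, in the JSON shape returned by `aws ec2 describe-security-groups`, for those ports being reachable from anywhere. The group ID and the CIDR ranges are constructed placeholders.

```python
import ipaddress

# Ports the page opens: syslog 514 (TCP+UDP), Splunk Web 8000, forwarder receiving 9997.
SPLUNK_PORTS = {514: {"tcp", "udp"}, 8000: {"tcp"}, 9997: {"tcp"}}

def world_open(cidr):
    """True when the CIDR covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def audit(group):
    """Return sorted (port, protocol, cidr) for Splunk ports reachable from anywhere."""
    findings = set()
    for perm in group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        open_cidrs = [c for c in cidrs if world_open(c)]
        for port, protos in SPLUNK_PORTS.items():
            if proto == "-1":  # "-1" means all protocols and all ports
                matched = protos
            elif proto in protos and perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535):
                matched = {proto}
            else:
                continue
            findings.update((port, p, c) for p in matched for c in open_cidrs)
    return sorted(findings)

def rule(proto, port, cidr):
    """Build one constructed ingress rule in describe-security-groups shape."""
    return {"IpProtocol": proto, "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": cidr}]}

# Constructed sample: the group exactly as the steps above describe it.
AS_DESCRIBED = {"GroupId": "sg-EXAMPLE", "IpPermissions": [
    rule("tcp", 514, "0.0.0.0/0"), rule("udp", 514, "0.0.0.0/0"),
    rule("tcp", 8000, "0.0.0.0/0"), rule("tcp", 9997, "0.0.0.0/0")]}

# Constructed sample: same ports, limited to placeholder (RFC 5737) source ranges.
RESTRICTED = {"GroupId": "sg-EXAMPLE", "IpPermissions": [
    rule("tcp", 514, "198.51.100.0/24"), rule("udp", 514, "198.51.100.0/24"),
    rule("tcp", 8000, "203.0.113.0/24"), rule("tcp", 9997, "198.51.100.0/24")]}

if __name__ == "__main__":
    for name, group in (("as described", AS_DESCRIBED), ("restricted", RESTRICTED)):
        print(name, audit(group))
```

In the restricted sample, 198.51.100.0/24 stands in for the network your forwarders and syslog senders live on and 203.0.113.0/24 for the administrators who need Splunk Web.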