Advertisement
Guest User

Splunk 6.1.1 non-privileged issue

a guest
Jun 11th, 2014
139
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.52 KB | None | 0 0
  1. [dhorn@DESKTOP ~]$ ssh splunk-idx2
  2. root@splunk-idx2's password:
  3. Last login: Thu May 29 10:28:51 2014
  4. [root@SPLUNK-IDX2 ~]# useradd splunker
  5. [root@SPLUNK-IDX2 ~]# passwd splunker
  6. Changing password for user splunker.
  7. New password:
  8. Retype new password:
  9. passwd: all authentication tokens updated successfully.
  10. [root@SPLUNK-IDX2 ~]# visudo
  11. [root@SPLUNK-IDX2 ~]# exit
  12. [dhorn@DESKTOP ~]$ ssh splunker@splunk-idx2
  13. [splunker@SPLUNK-IDX2 ~]$ sudo mkdir /apps
  14. [splunker@SPLUNK-IDX2 ~]$ mkdir ~/splunkinstaller && cd ~/splunkinstaller
  15. [splunker@SPLUNK-IDX2 splunkinstaller]$ wget -O splunk-6.1.1-207789-linux-2.6-x86_64.rpm 'http://www.splunk.com/page/download_track?file=6.1.1/splunk/linux/splunk-6.1.1-207789-linux-2.6-x86_64.rpm&ac=&wget=true&name=wget&platform=Linux&architecture=x86_64&version=6.1.1&product=splunk&typed=release'
  16. --2014-06-06 15:14:45-- http://www.splunk.com/page/download_track?file=6.1.1/splunk/linux/splunk-6.1.1-207789-linux-2.6-x86_64.rpm&ac=&wget=true&name=wget&platform=Linux&architecture=x86_64&version=6.1.1&product=splunk&typed=release
  17. Resolving www.splunk.com... 204.107.141.40
  18. Connecting to www.splunk.com|204.107.141.40|:80... connected.
  19. HTTP request sent, awaiting response... 302 Found
  20. Location: http://download.splunk.com/products/splunk/releases/6.1.1/splunk/linux/splunk-6.1.1-207789-linux-2.6-x86_64.rpm [following]
  21. --2014-06-06 15:14:49-- http://download.splunk.com/products/splunk/releases/6.1.1/splunk/linux/splunk-6.1.1-207789-linux-2.6-x86_64.rpm
  22. Resolving download.splunk.com... 204.107.141.44
  23. Connecting to download.splunk.com|204.107.141.44|:80... connected.
  24. HTTP request sent, awaiting response... 200 OK
  25. Length: 80796793 (77M) [application/x-rpm]
  26. Saving to: “splunk-6.1.1-207789-linux-2.6-x86_64.rpm”
  27.  
  28. 100%[======================================>] 80,796,793 651K/s in 2m 3s
  29.  
  30. 2014-06-06 15:16:53 (640 KB/s) - “splunk-6.1.1-207789-linux-2.6-x86_64.rpm” saved [80796793/80796793]
  31. [splunker@SPLUNK-IDX2 splunkinstaller]$ sudo rpm -i --prefix=/apps splunk-6.1.1-207789-linux-2.6-x86_64.rpm
  32. complete
  33. [splunker@SPLUNK-IDX2 splunkinstaller]$ sudo /apps/splunk/bin/splunk enable boot-start -user splunk --accept-license
  34.  
  35. This appears to be your first time running this version of Splunk.
  36. Could not open log file "/apps/splunk/var/log/splunk/first_install.log" for writing (13).
  37. First-time-run has not finished. Ignore this error when previewing migration - exiting.
  38. [splunker@SPLUNK-IDX2 splunkinstaller]$ sudo chown -R splunk:splunk /apps/splunk
  39. [splunker@SPLUNK-IDX2 splunkinstaller]$ sudo /apps/splunk/bin/splunk enable boot-start -user splunk --accept-license
  40.  
  41. This appears to be your first time running this version of Splunk.
  42. Copying '/apps/splunk/etc/openldap/ldap.conf.default' to '/apps/splunk/etc/openldap/ldap.conf'.
  43. Generating RSA private key, 1024 bit long modulus
  44. .................++++++
  45. ...................................................++++++
  46. e is 65537 (0x10001)
  47. writing RSA key
  48.  
  49. Generating RSA private key, 1024 bit long modulus
  50. ..++++++
  51. ........++++++
  52. e is 65537 (0x10001)
  53. writing RSA key
  54.  
  55. Moving '/apps/splunk/share/splunk/search_mrsparkle/modules.new' to '/apps/splunk/share/splunk/search_mrsparkle/modules'.
  56. Init script installed at /etc/init.d/splunk.
  57. Init script is configured to run at boot.
  58. [splunker@SPLUNK-IDX2 splunkinstaller]$ sudo shutdown -r now
  59.  
  60. [...]
  61.  
  62. [dhorn@DESKTOP ~]$ ssh splunker@splunk-idx2
  63. splunker@splunk-idx2's password:
  64. Last login: Fri Jun 6 15:13:25 2014 from 172.16.1.172
  65. [splunker@SPLUNK-IDX2 ~]$ sudo /etc/init.d/splunk status
  66. [sudo] password for splunker:
  67. Splunk status:
  68. splunkd is not running.
  69. splunkweb is not running.
  70. [splunker@SPLUNK-IDX2 ~]$ sudo /etc/init.d/splunk start
  71. Starting Splunk...
  72.  
  73. Splunk> Now with more code!
  74.  
  75. Checking prerequisites...
  76. Checking http port [8000]: open
  77. Checking mgmt port [8089]: open
  78. Checking configuration... Done.
  79. Checking critical directories... Done
  80. Checking indexes...
  81. Validated: _audit _blocksignature _internal _introspection _thefishbucket history main summary
  82. Done
  83. ERROR - Error opening "/apps/splunk/var/log/splunk/splunkd-utility.log": Permission denied
  84. ERROR - Error opening "/apps/splunk/var/log/splunk/splunkd-utility.log": Permission denied
  85. ERROR - Error opening "/apps/splunk/var/log/splunk/splunkd-utility.log": Permission denied
  86. ERROR - Error opening "/apps/splunk/var/log/splunk/splunkd-utility.log": Permission denied
  87. ERROR - Error opening "/apps/splunk/var/log/splunk/splunkd-utility.log": Permission denied
  88. ERROR - Error opening "/apps/splunk/var/log/splunk/splunkd-utility.log": Permission denied
  89. ERROR - Error opening "/apps/splunk/var/log/splunk/splunkd-utility.log": Permission denied
  90. ERROR - Error opening "/apps/splunk/var/log/splunk/splunkd-utility.log": Permission denied
  91. The SPLUNK_DB environment variable was defined but the test file ("/apps/splunk/var/lib/splunk/test.emcX2Z") could not be created by the current user: Permission denied
  92. Locking test failed on filesystem in path /apps/splunk/var/lib/splunk with code '7'. Please file a case online at http://www.splunk.com/page/submit_issue
  93. Checking filesystem compatibility...
  94. [splunker@SPLUNK-IDX2 ~]$ sudo chown -R splunk:splunk /apps/splunk
  95. [splunker@SPLUNK-IDX2 ~]$ sudo /etc/init.d/splunk start
  96. Starting Splunk...
  97.  
  98. Splunk> Now with more code!
  99.  
  100. Checking prerequisites...
  101. Checking http port [8000]: open
  102. Checking mgmt port [8089]: open
  103. Checking configuration... Done.
  104. Checking critical directories... Done
  105. Checking indexes...
  106. Validated: _audit _blocksignature _internal _introspection _thefishbucket history main summary
  107. Done
  108. Checking filesystem compatibility... Done
  109. Checking conf files for problems...
  110. Done
  111. All preliminary checks passed.
  112.  
  113. Starting splunk server daemon (splunkd)...
  114. Done
  115. [ OK ]
  116. Starting splunkweb... Generating certs for splunkweb server
  117. Generating a 1024 bit RSA private key
  118. .......................++++++
  119. ...............++++++
  120. unable to write 'random state'
  121. writing new private key to 'privKeySecure.pem'
  122. -----
  123. Signature ok
  124. subject=/CN=SPLUNK-IDX2/O=SplunkUser
  125. Getting CA Private Key
  126. unable to write 'random state'
  127. writing RSA key
  128. [ OK ]
  129. Done
  130.  
  131. If you get stuck, we're here to help.
  132. Look for answers here: http://docs.splunk.com
  133.  
  134. The Splunk web interface is at http://SPLUNK-IDX2:8000
  135.  
  136. [splunker@SPLUNK-IDX2 ~]$
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement