- How to start/stop Splunk daemon.
Splunk@VM-Splunk:~$ sudo /opt/splunk/bin/splunk start
- How to check a status of Splunk daemon
Splunk@VM-Splunk:~$ sudo /opt/splunk/bin/splunk status
splunkd is running (PID: 2432).
splunk helpers are running (PIDs: 2433 2448 2563 2590 27364).
- How to check a receiving syslog data
put “source=”udp:514″ sourcetype=”cisco:ios” on the search box
I would like to monitor “/var/log/ ”
./splunk add monitor /var/log/
How to remove Splunk APP
- Go to directory of Splunk deployment – /opt/splunk/etc/apps
- Remove a folder is associated with the APP that you want to remove
- rm -rf [app name]
- Restart Splunk system from browser
The www.ipBalance.com runs by a volunteer group with IT professionals and experts at least over 25 years of experience developing and troubleshooting IT in general. ipBalance.com is a free online resource that offers IT tutorials, tools, product reviews, and other resources to help you and your need.
