Skip to content

Splunk Server

Jump to bottom
Wuyi Chen edited this page Jun 8, 2019 · 9 revisions

Services/Servers send their logs to Splunk

  • Eureka Server
  • Config Server
  • Zuul Server
  • Licensing Service
  • Organization Service
  • Authentication Service
  • Specialroutes Service

Splunk Web Portal

http://localhost:8000

Credential

  • Username:admin
  • Password:adminadmin

Common commands

  • Manage Splunk server
    • Start server: ./splunk start
    • Stop server: ./splunk stop
    • Restart server: ./splunk restart
    • Check server's status: ./splunk status
  • Manage apps
    • Add an app: ./splunk create app [appname] -auth <username>:<password>
    • Remove an app: ./splunk remove app [appname] -auth <username>:<password>
  • Manage data inputs
    • Add a data input
      • UDP: ./splunk add udp [portnumber]
      • TCP: ./splunk add tcp [portnumber]
    • Remove a data input:
      • UDP: ./splunk remove udp [portnumber]
      • TCP: ./splunk remove tcp [portnumber]
  • Run a command with authentication
    • Append -auth <username>:<password> at the end of the command.
Clone this wiki locally