Installing Splunk Part 2 of 5 - Finishing the OS Install

Friday, November 21, 2008 11:18:16 AM (Pacific Standard Time, UTC-08:00)
by Jason Pieters
This is the second part of the installation of the operating system for a Splunk deployment.  The first portion of the installation got us through the longest part of the installation.  We have our partitions in place and are ready to move on to the next steps and finish the installation. 
  1. Click the “Software” portion of the installation summary to adjust the packages that are installed on the server.
  2. On the left-hand side there will be a summary of all the packages that are installed by default.  De-select all packages except the very top selection.
  3. Highlight File Server on the left of the screen.  The window on the right of the screen will be populated with different file server utilities.
  4. Go down and select the Samba client utilities only, not the entire Samba module.

  1. Click “Accept” in the bottom right of the screen.  An automatic dependencies window will pop-up.  Click OK.  This will take you back to the installation summary page.
  2. Select install and allow the server to format the partitions and install the Operating System.  If a DVD is used to install the Operating System the server should run the install for approximately 20 to 30 minutes and then reboot.

 

  1. Once the installation is complete, you will have to configure the system settings.  (NOTE: All configuration from this point forward is performed in a non-GUI environment, so you will need to use the keyboard to navigate through the server.)  Enter a password for "root".  Ensure that the password meets or exceeds current password policies and is documented.

  1. Enter a hostname that conforms to your company's system naming scheme. De-select the option to have the hostname updated via DHCP.  Select Next.

  1. The next screen will allow you to make changes to the network and firewall configuration.  Tab to Change in the bottom right of the screen and press enter.  This will bring up the drop-down menu of allowed changes.

 

  1. Select Firewall and hit enter to create the firewall allowed services and ports.  Use the down arrow key on the firewall screen to select allowed services.

  1. Tab to the DHCP Client Section and press the down arrow key.  This will bring up a list of pre-defined services.  Still using the down arrow key scroll down to SSH.

  1. Once SSH is highlighted press enter and SSH will now be in the selection area where DHCP Client was.  Tab to Add and press enter.  This will show SSH in the allowed services box on the center of the screen.

  1. Use steps 66 and 67 to add HTTPS to the allowed services.  Then tab to Advanced and press enter.  In the Advanced dialog box, enter TCP ports 8089 and 9997, separated with a space.  Then enter 514 in UDP.  Tab to OK and press enter.

  1. Tab to Next and press enter.  This will bring you back out to the Network Configuration main screen.  Tab to Change and press enter.  Use the arrow key to select Network Interfaces.

  1. You will be presented with a list of the network interfaces found on the server.  Most servers will have two or more interfaces.  Select the interface that you have decided to use.

  1. Tab to Edit and press enter.  Tab to Static IP and press the space bar to select static.  Tab to IP Address and enter the IP that is assigned to this server.  Change the SubNet Mask if appropriate and tab to Hostname and Name Server.  Press enter.

  1. Press enter and you will be brought into the DNS and hostname screen.  Check the hostname and domain that was entered earlier and then tab to the name server sections and add the DNS servers that are assigned within your organization.

  1. Tab to OK and press enter.  This will bring you back to the Network Address Setup screen.  Tab to Routing and press enter.  Tab to the Default Gateway entry box and enter in the Default Gateway for the network. 

  1. Tab to Ok and press enter.  This will bring you back to the Network Setup Screen.  Tab to OK and press enter.  On the next screen tab to next and press enter.
  2. At this point you will be brought back to the Network Configuration screen.  Tab to Next and press enter.

  1. This will bring up the Saving Network Configuration screen with a status bar at the bottom.  Once it reaches 100% it will take you to the next screen automatically.

  1. The next screen tests the internet connection.  Once you select Next, it should try to contact Novell to download the latest release notes.  As long as it does not fail, tab to Next and press enter.

  1. If the test fails, tab to Next and press enter.  Further troubleshooting will be contained later.
  2. The next screen will be the Selection of user authentication.  For the purposes of the Splunk Deployment local authentication has been selected.

  1. Tab to Next and press Enter.  This will bring you to the Local Users screen.  Enter the information for at least one user.  You have to have at least one user created as later in this document we will be disabling remote access for Root.

  1. Tab to Next and press enter.  This will bring you to a System Configuration screen.  The progress bar at the bottom of the screen will run through.

  1. Once the progress bar reaches 100% you will automatically be brought to the next screen.
  2. The next two screens are erroneous for this installation.  Next will be highlighted so you will just need to press enter to be advanced to the next screen until you reach the final installation screen.

  1. Tab to Finish and press enter.  This will start to bring the server up for the first time.  The initial screen will appear similar to this.

  1. Once the server is done starting it will provide you with a login prompt.  Log in as root by typing root at the prompt and pressing Enter.  You will then be prompted for the root user password.  Enter the password.

That's it: the basic operating system is installed and ready to go for your Splunk server.  Although this could be used as a basic installation guide, the partition layout is geared specifically for Splunk and would need to be adjusted for file server or web server duties.  The final step is to try to ssh to the server IP and log in as root from another system on your network.
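After the first login, the firewall entries made in the steps above (SSH, HTTPS, TCP 8089 and 9997, UDP 514) can be checked against the saved configuration. The script below is an added example, not part of the original post; it assumes the YaST settings are stored in `/etc/sysconfig/SuSEfirewall2` under `FW_SERVICES_EXT_TCP` and `FW_SERVICES_EXT_UDP`, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit the firewall settings this guide enters through YaST.
# Assumption: SuSEfirewall2 keeps them in /etc/sysconfig/SuSEfirewall2 as
# FW_SERVICES_EXT_TCP / FW_SERVICES_EXT_UDP (space-separated names or ports).

EXPECTED_TCP="22 443 8089 9997"   # SSH, HTTPS, and the two TCP ports from the guide
EXPECTED_UDP="514"                # the UDP port from the guide

# Turn service names into port numbers; numeric entries pass through unchanged.
normalize() {
    for item in $1; do
        case "$item" in
            ssh)    echo 22 ;;
            https)  echo 443 ;;
            syslog) echo 514 ;;
            *)      echo "$item" ;;
        esac
    done | sort -u
}

# Read VAR="value" from the file with sed instead of sourcing it, so nothing
# in the file is executed. The last uncommented assignment wins.
read_var() {
    sed -n "s/^$1=\"\{0,1\}\([^\"]*\)\"\{0,1\}[[:space:]]*$/\1/p" "$2" | tail -n 1
}

# Print MISSING/UNEXPECTED lines; return 0 only when the file matches exactly.
audit_firewall() {
    status=0
    for proto in TCP UDP; do
        case "$proto" in
            TCP) expected=$EXPECTED_TCP ;;
            UDP) expected=$EXPECTED_UDP ;;
        esac
        actual=$(normalize "$(read_var "FW_SERVICES_EXT_$proto" "$1")")
        for port in $expected; do
            echo "$actual" | grep -qx "$port" || { echo "MISSING $proto $port"; status=1; }
        done
        for port in $actual; do
            echo " $expected " | grep -q " $port " || { echo "UNEXPECTED $proto $port"; status=1; }
        done
    done
    return $status
}

# Usage: sh audit_fw.sh /etc/sysconfig/SuSEfirewall2
if [ "$#" -gt 0 ]; then audit_firewall "$1"; fi
```

An `UNEXPECTED` line means a port is open that this guide never asked for, which is worth resolving before the server starts receiving logs.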

 

On the next installment of this blog I will go through the initial Splunk installation and configuration.  I will also discuss the architecture involved with log forwarding to Splunk and the considerations for client deployment.