Installing Splunk Part 1 of 5 – Starting the OS Installation

For the purpose of this blog series I am going to go through installing the operating
system for Splunk. Installing Splunk, then configuring both the OS and Splunk
for managing the logs within your environment. The operating system that I have
chosen in Suse Enterprise 10. My goal in this blog series is to provide a step
by step installation guide and configuration guide. While you will not be either
a Splunk expert or a Linux expert after reading this series you will be able to forward,
maintain, and take care of the logs within your environment.

I chose to use Suse for the installation for two reasons. First I wanted the
smallest footprint from the operating system as I could achieve so Linux was the obvious
choice. Second, and more specifically, I chose Suse because of my familiarity
with the OS and the ability to use Yast for installing additional packages if needed.
this could be tweaked for other Linux installations.

Installing the operating system. I didn’t take the time to add fluff or colorful
commentary to this installation guide. It is for those out there that want a
straightforward, get it done, guide.

1. Ensure that your server is configured
   for RAID 10 or RAID 0+1. When introducing a log management server of any kind
   redundancy and having the ability to recover from hardware failure is crucial.
   I would recommend RAID 10 as it provides good performance while providing the needed
   redundancy. If you are not familiar with RAID or it’s configuration then here is
   a reference for you to look at.
2. Ensure that the amount of RAM
   that is installed on the server is written down as it will be needed later in this
   document.
3. After rebooting the server you
   should be able to see the following screen.

4. From the screen above (Step 3.),
   select Installation and press enter. The installation will take a few minutes to load.

5. Select your preferred language
   and click Next.

6. Click on “Yes, I Agree to the
   License Agreement” and click Next.

7. Make sure that “New Installation” is selected and click Next.

8. Select the preferred Region and
   Time Zone and click Next.

9. Select the Expert tab to select
   a secure installation method.

10. Click on Partitioning and select
    Create Custom Partition Setup.

11. The next screen will prompt you
    to select the drive to install on. Select the primary
    hard drive/RAID array that will be used.

12. Once Presented with the expert
    options screen delete all of the presented partitions. Until
    only SDA remains.

At this point the process for creating multiple partitions becomes repetitive so i will only show images for the first partition after that I am going to assume that you can scroll back to the images if needed. Also note that the partition sizes vary from the images to the instructions. The key is to follow the instructions and use the pics only for reference. It goes without saying that at a minimum you should have 100gb of hard drive space for the server in a small at home environment and more than a terabyte within an enterprise environment. The key is to follow the instructions and save room for /opt as it will be the Splunk partition.

13. At the bottom of the screen click
    the button for Create, to create a new partition and select Primary Partition from
    the Pop-Up Window.

14. The next Pop-Up window will format
    the partition and place the mount point. On left side
    select Ext3 for the file system type. On the Right Side
    click inside the ending point of the partition and type “+20gb”. On
    the bottom right select “/” and click “OK” and the new partition will be displayed
    at the top of the screen.

15. At the bottom of the screen click
    the button for Create, to create a new partition.
16. Select Primary Partition from
    the Pop-Up Window
17. On left side select Ext3 for
    the file system type
18. On the Right Side click inside
    the ending point of the partition and type “+200mb”
19. On the bottom right select “/boot”
    and click “OK” and the new partition will be displayed at the top of the screen.
20. At the bottom of the screen click
    the button for Create, to create a new partition.
21. Select Primary Partition from
    the Pop-Up Window
22. On left side select Swap for
    the file system type
23. On the Right Side click inside
    the ending point of the partition and type “+XYZgb” where XYZ is the same number as
    the system RAM gathered in step 2.
24. Click “OK” and the new partition
    will be displayed at the top of the screen.
25. At the bottom of the screen click
    the button for Create, to create a new partition.
26. Select Extended Partition from
    the Pop-Up Window
27. Ensure that all remaining portions
    of the drive are selected in the window. Click “OK” and
    the new partition will be displayed at the top of the screen.
28. At the bottom of the screen click
    the button for Create, to create a new partition.
29. The next Pop-Up window will format
    the partition and place the mount point.
30. On left side select Ext3 for
    the file system type
31. On the Right Side click inside
    the ending point of the partition and type “+5gb”
32. On the bottom right select “/usr”
    and click “OK” and the new partition will be displayed at the top of the screen.
33. At the bottom of the screen click
    the button for Create, to create a new partition.
34. The next Pop-Up window will format
    the partition and place the mount point.
35. On left side select Ext3 for
    the file system type
36. On the Right Side click inside
    the ending point of the partition and type “+5gb”
37. On the bottom right select “/var”
    and click “OK” and the new partition will be displayed at the top of the screen.
38. At the bottom of the screen click
    the button for Create, to create a new partition.
39. The next Pop-Up window will format
    the partition and place the mount point.
40. On left side select Ext3 for
    the file system type
41. On the Right Side click inside
    the ending point of the partition and type “+10gb”
42. On the bottom right select “/home”
    and click “OK” and the new partition will be displayed at the top of the screen.
43. At the bottom of the screen click
    the button for Create, to create a new partition.
44. The next Pop-Up window will format
    the partition and place the mount point.
45. On left side select Ext3 for
    the file system type
46. On the Right Side click inside
    the ending point of the partition and type “+2gb”
47. On the bottom right select “/tmp”
    and click “OK” and the new partition will be displayed at the top of the screen.
48. At the bottom of the screen click
    the button for Create, to create a new partition.
49. The next Pop-Up window will format
    the partition and place the mount point.
50. On left side select Ext3 for
    the file system type
51. On the Right Side by default
    the remaining portion of the drive should be selected. Ensure
    that all remaining drive space is allocated to this partition.
52. On the bottom right select “/opt”
    and click “OK” and the new partition will be displayed at the top of the screen. The
    partition table should resemble that of the following figure.

53. Click “Finish” on the bottom
    right of the screen
54. This will bring you back to the
    installation summary page.

At this time due to size and to keep the post a reasonable length
we are going to break up the blog posts for clarity and you can go to part
2 of 5 to go through the next portion of the installation.