How to install Splunk on a free AWS micro instance
This guide assumes you already have the Micro EC2 Instance up and running and you have ssh access.
wget -O splunk-6.2.3-264376-linux-2.6-x86_64.rpm 'http://www.splunk.com/bin/splunk/DownloadActivityServlet?architecture=x86_64&platform=Linux&version=6.2.3&product=splunk&filename=splunk-6.2.3-264376-linux-2.6-x86_64.rpm&wget=true'
rpm -ivh splunk-6.2.3-264376-linux-2.6-x86_64.rpm
Splunk is now installed, lets start it.
You will be prompted to agree to the license, other than that the defaults should be fine.
Configure access to port 8000 on the software firewall
Depending on what distro of linux you are using this part may vary. I prefer SuSE linux, so I used YaST to open up the port.
Select Security and Users
Select Allowed Services
Here you type in 8000 under TCP Ports
Close the advanced configuration by selecting OK.
Click Next and then Finish.
The software firewall will now allow TCP access on port 8000
Configure access on the AWS side
Log into your AWS console
- Navigate to the EC2 instances page
- Navigate to the Security Groups
- Highlight the security group
- Navigate to the Inbound Tab
- Click Edit
- Click Add Rule
- Select Custom TCP Rule
- For Port put 8000
- For the Source put ANY if you want to allow access from anywhere or put My IP or Custom IP if you want to limit access
- Now click Save
For more information on AWS security groups please check out this website.
Configure access through CloudFlare.
- Log into your CloudFlare Panel here
- Click on the domain that you have Splunk hosted on
- Navigate to the DNS tab
- Enter the information like shown below using the IP address of your server
- Click Add Record
If you run into any problems or have any questions please drop me a comment here or reach out to me on twitter.