How to install splunk on a digital ocean droplet.

• Go to Digital Ocean, create a droplet. We chose Singapore as it is physically the closest to New Zealand. We set it up with the cheapest plan. But ended up bumping it up after I we realised I had x credit to use in x months.

• After going through the gui setup in digital ocean, ssh using putty and the ip of the droplet. (or you can use the digital ocean web console, but putty is better). Change the password, the default password is emailed to your email account when the droplet is created. Choose a better more difficult password than raspberry if you don’t want your server hijacked.

• Create an opt folder in highest directory /opt. Get the free enterprise version of splunk from the splunk website. To download splunk onto the server, use the wget linux url and put it into the /opt folder. You want the tar file or extractable file. Not he rpm or whatever (this is a package for automation systems like puppet.

Use the command to unzip the folder "tar xvzf splunk_package_name.tgz" //inside the ./opt folder

Don’t use this as its already in the right folder "tar xvzf splunk_package_name.tgz -C /opt"

Go to opt/splunk/bin/splunk start Use the space bar to quickly go through the terms and conditions.

Use the ip of server and port 8000 in your browser. You should now be able to view your new splunk instance!!!

http://128.199.152.164:8000/en-GB/app/launcher/home

Further config

• The https settings are in /opt/splunk/etc/system/local/web.conf
• But the better likely safer was is to probably do it via ui in settings.
• Should probably change it https for security reasons. But if you don’t care, you don’t have to bother