書(shū)名： Splunk 7.x Quick Start Guide
作者名： James H. Baxter
本章字?jǐn)?shù)： 281字
更新時(shí)間： 2021-06-10 19:04:58

Starting on reboot

By default, Splunk does not start when the server is rebooted; you will typically want it to do so. You can have Splunk create a script that starts it by executing an 'enable boot-start' command (as root, as this will alter OS level files):

[root@ip-172-31-28-164 ~]# cd /opt/splunk/bin
[root@ip-172-31-28-164 bin]# ./splunk enable boot-start -user splunk
Init script installed at /etc/init.d/splunk.
Init script is configured to run at boot.

Then, edit the /etc/init.d/splunk file and add USER=splunk right after the RETVAL=0 entry near the top of the file:

#!/bin/sh
#
# /etc/init.d/splunk
# init script for Splunk.
# generated by 'splunk enable boot-start'.
#
# chkconfig: 2345 90 60
# description: Splunk indexer service
#
RETVAL=0
USER=splunk

. /etc/init.d/functions

splunk_start() {
 echo Starting Splunk...
 "/opt/splunk/bin/splunk" start --no-prompt --answer-yes
 RETVAL=$?
 [ $RETVAL -eq 0 ] andand touch /var/lock/subsys/splunk
}
...

Be sure to specify -user splunk when you execute the enable boot-start command, and make the noted change to the /etc/init.d/splunk file, or the script will start Splunk as root upon startup and cause you all kinds of file ownership issues! You can verify that Splunk is running as the splunk user by executing the: ps -ef | grep splunk command and checking to see which user (root or splunk) owns the splunk processes. If you DO accidentally start splunk as root, stop Splunk, cd to the /opt /splunk directory, and run chown -R splunk:splunk ./ (as root) to change the ownership of all the files back to the splunk user. Don't fret—we've all done it, and it's easily fixed.

官术网_书友最值得收藏!

Splunk 7.x Quick Start Guide

Starting on reboot