This repository has been archived by the owner on Nov 16, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 45
Installation on Linux
Greg Oliver edited this page Feb 20, 2019
·
24 revisions
- Download the SPL package of your choice from the Releases of this repo.
- In Splunk Web, go to Manage Apps and click "Install app from file". Upload the file you just downloaded.
- You will get a message warning you that the add-on could not be initialized because dependencies are not included in the package. There are both Python and Node.js dependencies.
- The alternative to doing the following steps manually is to use the shell script
am_depends_ubuntu.sh
(oram_depends_rhel.sh
) in the packages folder. I find the best way to do it is:sudo su
cd ~
./am_depends_ubuntu.sh
exit
- For illustration purposes, these are the steps if you want to do it manually in Ubuntu. Open a terminal window to the VM and execute the following:
apt-get update
- Install the latest version of pip. If you use the version that comes with "apt-get install python-pip", the installation of cryptography won't work.
Here's one way that works:
wget https://bootstrap.pypa.io/get-pip.py
python get-pip.py
pip install msrestazure -t $SPLUNK_HOME/etc/apps/TA-Azure_Monitor/bin
pip install Markdown -q -t $SPLUNK_HOME/etc/apps/TA-Azure_Monitor/bin
pip install splunk-sdk -q -t $SPLUNK_HOME/etc/apps/TA-Azure_Monitor/bin
pip install splunk-sdk -q -t $SPLUNK_HOME/etc/apps/TA-Azure_Monitor/bin/app
pip install futures -q -t $SPLUNK_HOME/etc/apps/TA-Azure_Monitor/bin
- Open a terminal window on the Splunk Enterprise VM.
- If
npm
is not installed on the system (typical of a new Splunk Enterprise box):curl -sL https://deb.nodesource.com/setup_6.x | sudo -E bash -
apt-get install -y nodejs
cd $SPLUNK_HOME/etc/apps/TA-Azure_Monitor/bin/app
npm install
- If
npm
is not installed on the system (typical of a new Splunk Enterprise box):- curl --silent --location https://rpm.nodesource.com/setup_6.x | sudo bash -
- yum -y install nodejs
cd $SPLUNK_HOME/etc/apps/TA-Azure_Monitor/bin/app
npm install
- Once dependencies are installed, the add-on will work by simply disable/enable on the Manage Apps page in Splunk Web. Or, you can restart Splunk.