- Splunk Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- Instead of running ./splunk start or restart out o...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Instead of having to run ./splunk start or ./splunk restart out of the /opt/splunk/bin directory, does anyone have any tricks for adding an alias in .bashrc to simplify this?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I believe it's best practice to start and restart Splunk with sudo /etc/init.d/splunk start/restart, which is generated by running /opt/splunk/bin/splunk enable boot-start. This way you ensure that the Splunk process is always started using the right user with the right permissions.
As for simplifying the command with an alias, all you have to do is edit your ~/.bashrc or ~/.bash_profile and add something along the lines of alias splunk-start="/etc/init.d/splunk start".
Hope that helps.
Edit:
It just occurred to me that you may want to pass an argument to your alias (in which case you may want to directly call /opt/splunk/bin/splunk if it's something other than start/restart/stop that you're trying to run. In that case you could use something like:
alias mysplunk="/opt/splunk/bin/splunk \$@"
Then you could run commands like mysplunk version
Also, don't forget to run source ~/.bashrc after you add your alias.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I believe it's best practice to start and restart Splunk with sudo /etc/init.d/splunk start/restart, which is generated by running /opt/splunk/bin/splunk enable boot-start. This way you ensure that the Splunk process is always started using the right user with the right permissions.
As for simplifying the command with an alias, all you have to do is edit your ~/.bashrc or ~/.bash_profile and add something along the lines of alias splunk-start="/etc/init.d/splunk start".
Hope that helps.
Edit:
It just occurred to me that you may want to pass an argument to your alias (in which case you may want to directly call /opt/splunk/bin/splunk if it's something other than start/restart/stop that you're trying to run. In that case you could use something like:
alias mysplunk="/opt/splunk/bin/splunk \$@"
Then you could run commands like mysplunk version
Also, don't forget to run source ~/.bashrc after you add your alias.
Introducing the 2024 SplunkTrust!
Introducing the 2024 Splunk MVPs!
Splunk Custom Visualizations App End of Life
