Guides - Deploy Splunk through the Linode Marketplace
Quickly deploy a Compute Instance with many various software applications pre-installed and ready to use.
Splunk is a powerful log analyzer that can be used to obtain insight into your infrastructure. Splunk collects, monitors, analyzes, and visualizes data from database applications, web servers, cloud networks, and a variety of other sources.
The Akamai Connected Cloud Splunk Marketplace App includes support for the Akamai SIEM integration on deployment. For details on generating valid tokens, see create authentication credentials.
Deploying a Marketplace App
The Linode Marketplace allows you to easily deploy software on a Compute Instance using the Cloud Manager. See Get Started with Marketplace Apps for complete steps.
Log in to the Cloud Manager and select the Marketplace link from the left navigation menu. This displays the Linode Create page with the Marketplace tab pre-selected.
Under the Select App section, select the app you would like to deploy.
Complete the form by following the steps and advice within the Creating a Compute Instance guide. Depending on the Marketplace App you selected, there may be additional configuration options available. See the Configuration Options section below for compatible distributions, recommended plans, and any additional configuration options available for this Marketplace App.
Click the Create Linode button. Once the Compute Instance has been provisioned and has fully powered on, wait for the software installation to complete. If the instance is powered off or restarted before this time, the software installation will likely fail.
To verify that the app has been fully installed, see Get Started with Marketplace Apps > Verify Installation. Once installed, follow the instructions within the Getting Started After Deployment section to access the application and start using it.
Configuration Options
- Supported distributions: Ubuntu 22.04 LTS
- Recommended minimum plan: All plan types and sizes can be used.
Splunk Options
- Splunk Admin user (required): This will be the username you use to login the Splunk Dashboard.
- Akamai Access Token: Akamai Access Token
- Akamai Client Secret: Akamai Client Secret
- Akamai Client Token: Akamai Client Token
- Luna Hostname: Akamai Luna Hostname
- Akamai Security Configuration ID: Akamai Security Configuration ID
Custom Domain (Optional)
If you wish to automatically configure a custom domain, you first need to configure your domain to use Linode’s name servers. This is typically accomplished directly through your registrar. See Use Linode’s Name Servers with Your Domain. Once that is finished, you can fill out the following fields for the Marketplace App:
Linode API Token: If you wish to use the Linode’s DNS Manager to manage DNS records for your custom domain, create a Linode API Personal Access Token on your account with Read/Write access to Domains. If this is provided along with the subdomain and domain fields (outlined below), the installation attempts to create DNS records via the Linode API. See Get an API Access Token. If you do not provide this field, you need to manually configure your DNS records through your DNS provider and point them to the IP address of the new instance.
Subdomain: The subdomain you wish to use, such as www for
www.example.com
.Domain: The domain name you wish to use, such as example.com.
Email address for the SOA record: The start of authority (SOA) email address for this server. This is a required field if you want the installer to create DNS records.
Limited Sudo User
You need to fill out the following fields to automatically create a limited sudo user, with a strong generated password for your new Compute Instance. This account will be assigned to the sudo group, which provides elevated permissions when running commands with the sudo
prefix.
Limited sudo user: Enter your preferred username for the limited user. No Capital Letters, Spaces, or Special Characters.
Locating The Generated Sudo Password A password is generated for the limited user and stored in a
.credentials
file in their home directory, along with application specific passwords. This can be viewed by running:cat /home/$USERNAME/.credentials
For best results, add an account SSH key for the Cloud Manager user that is deploying the instance, and select that user as an
authorized_user
in the API or by selecting that option in the Cloud Manager. Their SSH pubkey will be assigned to both root and the limited user.Disable root access over SSH: To block the root user from logging in over SSH, select Yes. You can still switch to the root user once logged in, and you can also log in as root through Lish.
Accessing The Instance Without SSH If you disable root access for your deployment and do not provide a valid Account SSH Key assigned to theauthorized_user
, you will need to login as the root user via the Lish console and runcat /home/$USERNAME/.credentials
to view the generated password for the limited user.
"
) within any of the App-specific configuration fields, including user and database password fields. This special character may cause issues during deployment.Getting Started after Deployment
Obtaining the Admin Password
The password for the sudo user account was automatically generated during the initial install process. To find this password, log in to your Compute Instance through the LISH Console. The credentials are available in the file /home/$USERNAME/.credentials
cat /home/$USERNAME/.credentials
sudo username: $USERNAME
sudo password: 0oVSsWmkbGesmtuTlOEgFl7t
splunk user: $SPLUNK_USER
splunk admin password: fRLdHksJoMPrjLtRCogEPVLYOML1zQtQ0kIsL7IWvo49
Access your Splunk App
Open a browser and navigate to https://192-0-2-1.ip.linodeusercontent.com:8000
, where 192-0-2-1
represents the IPv4 address of your new Compute Instance. See the Managing IP Addresses guide for information on viewing the rDNS value.
You will be presented a login field where you can enter the credentials you previously specified in the Splunk Username and the generated Splunk Password in /home/$USERNAME/.credentials
.
Now that you’ve accessed your dashboard, checkout the official Splunk documentation to learn how to further configure your instance.
More Information
You may wish to consult the following resources for additional information on this topic. While these are provided in the hope that they will be useful, please note that we cannot vouch for the accuracy or timeliness of externally hosted materials.
This page was originally published on