How to install Splunk and the Boundary plugin on a new CentOS 6.5 install

Basic Setup

As root execute the following to download and install some basic linux apps:

	sudo su -
	yum install git wget vim htop lsof iftop -y

Download the Installer

Now we will download the appropriate linux installer for Splunk

wget -O splunk-6.1.1-207789-linux-2.6-x86_64.rpm '';

New or additional downloads are available at

Run the installer

rpm -i splunk-6.1.1-207789-linux-2.6-x86_64.rpm

Start the Splunk daemon and application

Using –accept-license allows for a silent startup with no user intervention required

./opt/splunk/bin/splunk start --accept-license

Splunk Scheduler

Schedule Splunk to start whenever the server is rebooted.

./opt/splunk/bin/splunk enable boot-start -user root

Access the UI

You will now be able to access the UI by navigating to:

From a browser:

Configure Splunk Listenter

To configure Splunk to listen on TCP 514 so that logs can be sent to the server

While still logged into the UI, navigate to Settings > Data Inputs > TCP > New

  • Under "TCP port" enter "514"
  • Under "Set Sourcetype" select "Manual"
  • In "Source type" enter "syslog"

Then click "Save", Splunk should now be listening on port 514

Firewall Notes:

If this server is remote to you you may need to open the firewall for TCP 8000, for simple proof of life you can disable the firewall by executing

/etc/init.d/iptables stop

Install Boundary Plugin

Now, to install the Boundary plugin for Splunk, clone the repo to a specific folder

cd /opt/splunk/etc/apps
git clone
mv boundary_splunk_app/ boundary/

Restart Splunk

Now restart Splunk so the Boundary plugin is loaded.

./opt/splunk/bin/splunk stop
./opt/splunk/bin/splunk start

Install Meters

Now for any servers which you want to install the Boundary Meter, log onto that server as root, download the script and add your credentials

curl -3 -s >
chmod +x
./ -d -i <organization>:<organization id>

Boundry Credentials

To get you Boundary credentials for the previous step, log into Boundary:

  • In the User drop down in the upper right corner select "User Settings" which should be at
  • Your organization keys should be listed on this screen.
Special Note: Jeremy – this is where you use Bill’s credentials and each stack is associated with a particular organization

Spread the word

twitter icon facebook icon linkedin icon