Tuesday, November 4, 2025

Splunk on CentOS 7 - 4th

Starting with Splunk v10, Splunk no longer runs on CentOS 7; it complains that the GLIBC version is too old.

[root@Snort ~]# rpm -ivh splunk-10.0.0-e8eb0c4654f8.x86_64.rpm
warning: splunk-10.0.0-e8eb0c4654f8.x86_64.rpm: Header V4 RSA/SHA256 Signature, key ID b3cd4420: NOKEY
Preparing...                          ################################# [100%]
verify that this sytem has all the commands we will require to perform the preflight step
no need to run the splunk-preinstall upgrade check
useradd: cannot create directory /opt/splunk
Updating / installing...
   1:splunk-10.0.0-e8eb0c4654f8       ################################# [100%]
find: ‘/opt/splunk/lib/python3.7/site-packages’: No such file or directory
complete
[root@Snort ~]# cd /opt/splunk
[root@Snort splunk]# bin/splunk start --accept-license
bin/splunk: /lib64/libc.so.6: version `GLIBC_2.25' not found (required by bin/splunk)

The forwarder fails the same way.

[root@Snort ~]# rpm -ivh splunkforwarder-10.0.0-e8eb0c4654f8.x86_64.rpm
warning: splunkforwarder-10.0.0-e8eb0c4654f8.x86_64.rpm: Header V4 RSA/SHA256 Signature, key ID b3cd4420: NOKEY
Preparing...                          ################################# [100%]
verify that this sytem has all the commands we will require to perform the preflight step
no need to run the splunk-preinstall upgrade check
useradd: cannot create directory /opt/splunkforwarder
Updating / installing...
   1:splunkforwarder-10.0.0-e8eb0c4654################################# [100%]
find: ‘/opt/splunkforwarder/lib/python3.7/site-packages’: No such file or directory
find: ‘/opt/splunkforwarder/lib/python3.9/site-packages’: No such file or directory
complete
[root@Snort ~]
[root@Snort ~]# cd /opt/splunkforwarder/
[root@Snort splunkforwarder]# bin/splunk start --acctpe-license
bin/splunk: /lib64/libc.so.6: version `GLIBC_2.25' not found (required by bin/splunk)
[root@Snort splunkforwarder]#
[root@Snort splunkforwarder]# ldd --version
ldd (GNU libc) 2.17
Copyright (C) 2012 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.

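I wondered whether I should update GLIBC, but most of the opinions I found say to leave it alone because the library is involved in the entire operating system. On Rocky Linux 10 it runs fine.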

[root@rocky ~]# ldd --version
ldd (GNU libc) 2.39
Copyright (C) 2024 Free Software Foundation, Inc.
이 프로그램은 자유 소프트웨어입니다. 복사조건은 소스를 참조하십시오.  상품성
이나 특정 목적에 대한 적합성을 비롯하여 어떠한 보증도 하지 않습니다.
만든 사람: Roland McGrath 및 Ulrich Drepper.
[root@rocky ~]#
[root@rocky ~]# rpm -ivh splunkforwarder-10.0.1-c486717c322b.x86_64.rpm
경고: splunkforwarder-10.0.1-c486717c322b.x86_64.rpm: 헤더 V4 RSA/SHA256 Signature, 키 ID b3cd4420: NOKEY
확인...                             ################################# [100%]
준비 중...                         ################################# [100%]
verify that this sytem has all the commands we will require to perform the preflight step
no need to run the splunk-preinstall upgrade check
useradd: 디렉터리 /opt/splunkforwarder을(를) 만들 수 없습니다
최신화 / 설치하기...
   1:splunkforwarder-10.0.1-c486717c32################################# [100%]
find: ‘/opt/splunkforwarder/lib/python3.7/site-packages’: 그런 파일이나 디렉터리가 없습니다
find: ‘/opt/splunkforwarder/lib/python3.9/site-packages’: 그런 파일이나 디렉터리가 없습니다
complete
[root@rocky ~]
[root@rocky ~]# cd /opt/splunkforwarder/
[root@rocky splunkforwarder]# bin/splunk start --accept-license
Warning: Attempting to revert the SPLUNK_HOME ownership
Warning: Executing "chown -R splunkfwd:splunkfwd /opt/splunkforwarder"
 
This appears to be your first time running this version of Splunk.
 
Splunk software must create an administrator account during startup. Otherwise, you cannot log in.
Create credentials for the administrator account.
Characters do not appear on the screen when you type in credentials.
 
Please enter an administrator username: admin
Password must contain at least:
   * 8 total printable ASCII character(s).
Please enter a new password:
Please confirm new password:
Creating unit file...
Important: splunk will start under systemd as user: splunkfwd
The unit file has been created.
 
 
Splunk> CSI: Logfiles.
 
Checking prerequisites...
        Checking mgmt port [8089]: open
                Creating: /opt/splunkforwarder/var/lib/splunk
                Creating: /opt/splunkforwarder/var/run/splunk
                Creating: /opt/splunkforwarder/var/run/splunk/appserver/i18n
                Creating: /opt/splunkforwarder/var/run/splunk/appserver/modules/static/css
                Creating: /opt/splunkforwarder/var/run/splunk/upload
                Creating: /opt/splunkforwarder/var/run/splunk/search_telemetry
                Creating: /opt/splunkforwarder/var/run/splunk/search_log
                Creating: /opt/splunkforwarder/var/spool/splunk
                Creating: /opt/splunkforwarder/var/spool/dirmoncache
                Creating: /opt/splunkforwarder/var/lib/splunk/authDb
                Creating: /opt/splunkforwarder/var/lib/splunk/hashDb
                Creating: /opt/splunkforwarder/var/run/splunk/collect
                Creating: /opt/splunkforwarder/var/run/splunk/sessions
New certs have been generated in '/opt/splunkforwarder/etc/auth'.
New certs have been generated in '/opt/splunkforwarder/etc/auth'.
        Checking conf files for problems...
        Done
        Checking default conf files for edits...
        Validating installed files against hashes from '/opt/splunkforwarder/splunkforwarder-10.0.1-c486717c322b-linux-amd64-manifest'
        All installed files intact.
        Done
All preliminary checks passed.
 
Starting splunk server daemon (splunkd)...
Done
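
The failure above can be caught before starting the service by comparing the highest GLIBC symbol version a binary requires with the host's glibc. The following is an added example, not part of the original post; the function names are hypothetical, the symbol listing is a constructed sample, and `preflight` assumes binutils `objdump` and `getconf` are installed.

```shell
#!/bin/sh
# Added example: pre-flight glibc check (not from the original post).

# Succeed when glibc version $1 (host) is >= version $2 (required).
# Fields are compared numerically, so 2.25 is newer than 2.4 and 2.2.5.
glibc_satisfies() {
    awk -v have="$1" -v need="$2" 'BEGIN {
        n = split(have, h, "."); m = split(need, r, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if ((h[i] + 0) > (r[i] + 0)) exit 0
            if ((h[i] + 0) < (r[i] + 0)) exit 1
        }
        exit 0
    }' </dev/null
}

# Read a symbol listing (e.g. `objdump -T` output) on stdin and print the
# highest GLIBC_x.y version tag found. GLIBC_PRIVATE is ignored.
max_glibc_required() {
    grep -oE 'GLIBC_[0-9]+(\.[0-9]+)+' | sed 's/^GLIBC_//' | sort -u | {
        best=""
        while read -r v; do
            if [ -z "$best" ] || ! glibc_satisfies "$best" "$v"; then best=$v; fi
        done
        if [ -n "$best" ]; then printf '%s\n' "$best"; fi
    }
}

# Constructed sample of `objdump -T` lines (not taken from a Splunk binary).
sample_symbols() {
    cat <<'EOF'
0000000000000000      DF *UND*  0000000000000000  GLIBC_2.2.5 memcpy
0000000000000000      DF *UND*  0000000000000000  GLIBC_2.4   __stack_chk_fail
0000000000000000      DF *UND*  0000000000000000  GLIBC_2.17  clock_gettime
0000000000000000      DF *UND*  0000000000000000  GLIBC_2.25  getrandom
EOF
}

# Check binary $1 against this host. Assumes binutils objdump and getconf.
preflight() {
    need=$(objdump -T "$1" 2>/dev/null | max_glibc_required)
    have=$(getconf GNU_LIBC_VERSION | awk '{print $2}')
    if [ -z "$need" ]; then echo "no GLIBC version tags found in $1"; return 2; fi
    if glibc_satisfies "$have" "$need"; then
        echo "OK: host glibc $have >= required $need"
    else
        echo "FAIL: host glibc $have < required $need"; return 1
    fi
}
```

After sourcing the file, `preflight /opt/splunkforwarder/bin/splunk` reports whether the host's glibc is new enough for that binary.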
