diff options
| author | L. Bradley LaBoon | 2015-12-07 12:04:08 -0500 |
|---|---|---|
| committer | L. Bradley LaBoon | 2015-12-07 12:04:08 -0500 |
| commit | d448e97415799c86587ebc345e3d55426e5d5743 (patch) | |
| tree | 3397ceb090a4f59a6fdd9d03c7906675be3d9a8c | |
| download | aur-d448e97415799c86587ebc345e3d55426e5d5743.tar.gz | |
Version 6.3.1
| -rw-r--r-- | .SRCINFO | 19 | ||||
| -rw-r--r-- | PKGBUILD | 26 | ||||
| -rw-r--r-- | splunkforwarder.install | 136 | ||||
| -rw-r--r-- | splunkforwarder.service | 16 |
4 files changed, 197 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..7daba6701110 --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,19 @@ +# Generated by mksrcinfo v8 +# Mon Dec 7 17:03:16 UTC 2015 +pkgbase = splunkforwarder + pkgdesc = Splunk Universal Forwarder + pkgver = 6.3.1_f3e41e4b37b2 + pkgrel = 1 + url = http://www.splunk.com/ + install = splunkforwarder.install + arch = x86_64 + arch = i686 + license = custom + conflicts = splunk + source = http://download.splunk.com/products/splunk/releases/6.3.1/universalforwarder/linux/splunkforwarder-6.3.1-f3e41e4b37b2-Linux-.tgz + source = splunkforwarder.service + sha256sums = 2fcc095b44cdf47855f7c89bbe57b035e53341855a493f7e9f7fc20df004b761 + sha256sums = 8bd6b2bcf9e9d89d3ab2160c409687313bbee00b7e44b3df3266b44d15a5c152 + +pkgname = splunkforwarder + diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..2ceaf3b6ce2d --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,26 @@ +# Maintainer: L. Bradley LaBoon <me@bradleylaboon.com> +pkgname=splunkforwarder +pkgver=6.3.1_f3e41e4b37b2 +pkgrel=1 +pkgdesc="Splunk Universal Forwarder" +url="http://www.splunk.com/" +arch=('x86_64' 'i686') +license=('custom') +conflicts=('splunk') +install="$pkgname.install" +source=( + "http://download.splunk.com/products/splunk/releases/6.3.1/universalforwarder/linux/$pkgname-${pkgver//_/-}-Linux-$CARCH.tgz" + "$pkgname.service" +) +sha256sums=( + '2fcc095b44cdf47855f7c89bbe57b035e53341855a493f7e9f7fc20df004b761' + '8bd6b2bcf9e9d89d3ab2160c409687313bbee00b7e44b3df3266b44d15a5c152' +) + +package() { + cd "$srcdir" + install -Dm644 "$pkgname/license-eula.txt" "$pkgdir/usr/share/licenses/$pkgname/LICENSE" + install -Dm644 "$pkgname.service" "$pkgdir/usr/lib/systemd/system/$pkgname.service" + mkdir "$pkgdir/opt" + cp -r "$pkgname" "$pkgdir/opt/" +} diff --git a/splunkforwarder.install b/splunkforwarder.install new file mode 100644 index 000000000000..d54b18740473 --- /dev/null +++ b/splunkforwarder.install @@ -0,0 +1,136 @@ +pre_install() { + SPLUNK_HOME="/opt/splunkforwarder" + + group_exists=no + # Try to test for group existence in a 'modern' fashion + if which getent >/dev/null; then + if getent group splunk >/dev/null; then + group_exists=yes + fi + # or fall back + elif grep '^splunk:' /etc/group >/dev/null; then + group_exists=yes + fi + + if [ "${group_exists}"x = nox ]; then + groupadd splunk + fi + if id splunk > /dev/null 2>&1; then + : #user already exists + else + useradd -c "Splunk Server" -d $SPLUNK_HOME -s /bin/bash -g splunk splunk + fi +} + +post_install() { + SPLUNK_HOME="/opt/splunkforwarder" + + if [ ! -f "$SPLUNK_HOME/etc/splunk-launch.conf" ]; then + sed "s%# SPLUNK_HOME=.*%SPLUNK_HOME=$SPLUNK_HOME%g" "$SPLUNK_HOME/etc/splunk-launch.conf.default" > "$SPLUNK_HOME/etc/splunk-launch.conf" + fi + + # Build the post-install message in steps: + touch "$SPLUNK_HOME/ftr" + echo "-------------------------------------------------------------------------" > "$SPLUNK_HOME/ftr" + echo "Splunk has been installed in:" >> "$SPLUNK_HOME/ftr" + echo " $SPLUNK_HOME" >> "$SPLUNK_HOME/ftr" + echo "" >> "$SPLUNK_HOME/ftr" + echo "To start Splunk, run the command:" >> "$SPLUNK_HOME/ftr" + echo " $SPLUNK_HOME/bin/splunk start" >> "$SPLUNK_HOME/ftr" + echo "" >> "$SPLUNK_HOME/ftr" + echo "" >> "$SPLUNK_HOME/ftr" + echo "To use the Splunk web interface, point your browser to:" >> "$SPLUNK_HOME/ftr" + echo " http://$HOSTNAME:8000" >> "$SPLUNK_HOME/ftr" + echo "" >> "$SPLUNK_HOME/ftr" + echo "" >> "$SPLUNK_HOME/ftr" + echo "Complete documentation is at http://docs.splunk.com/Documentation/Splunk" >> "$SPLUNK_HOME/ftr" + echo "-------------------------------------------------------------------------" >> "$SPLUNK_HOME/ftr" + + echo "Splunk forwarder has been installed to $SPLUNK_HOME" + echo "You can start Splunk by running 'systemctl start splunkforwarder'" + + chown -R splunk:splunk "$SPLUNK_HOME" +} + +pre_upgrade() { + SPLUNK_HOME="/opt/splunkforwarder" + echo "Attempting to stop the installed Splunk Server..." + $SPLUNK_HOME/bin/splunk stop + systemctl stop splunkforwarder + + group_exists=no + # Try to test for group existence in a 'modern' fashion + if which getent >/dev/null; then + if getent group splunk >/dev/null; then + group_exists=yes + fi + # or fall back + elif grep '^splunk:' /etc/group >/dev/null; then + group_exists=yes + fi + + if [ "${group_exists}"x = nox ]; then + groupadd splunk + fi + if id splunk > /dev/null 2>&1; then + : #user already exists + else + useradd -c "Splunk Server" -d $SPLUNK_HOME -s /bin/bash -g splunk splunk + fi +} + +post_upgrade() { + SPLUNK_HOME="/opt/splunkforwarder" + + # Build the post-upgrade message in steps: + touch "$SPLUNK_HOME/ftr" + echo "-------------------------------------------------------------------------" > "$SPLUNK_HOME/ftr" + echo "Splunk has been updated in:" >> "$SPLUNK_HOME/ftr" + echo " $SPLUNK_HOME" >> "$SPLUNK_HOME/ftr" + echo "" >> "$SPLUNK_HOME/ftr" + echo "To start Splunk, run the command:" >> "$SPLUNK_HOME/ftr" + echo " $SPLUNK_HOME/bin/splunk start" >> "$SPLUNK_HOME/ftr" + echo "" >> "$SPLUNK_HOME/ftr" + echo "" >> "$SPLUNK_HOME/ftr" + echo "To use the Splunk web interface, point your browser to:" >> "$SPLUNK_HOME/ftr" + echo " http://$HOSTNAME:8000" >> "$SPLUNK_HOME/ftr" + echo "" >> "$SPLUNK_HOME/ftr" + echo "" >> "$SPLUNK_HOME/ftr" + echo "Complete documentation is at http://docs.splunk.com/Documentation/Splunk" >> "$SPLUNK_HOME/ftr" + echo "-------------------------------------------------------------------------" >> "$SPLUNK_HOME/ftr" + + echo "Splunk forwarder has been upgraded in $SPLUNK_HOME" + echo "Run 'systemctl start splunkforwarder' to complete the upgrade." + + chown -R splunk:splunk "$SPLUNK_HOME" +} + +pre_remove() { + SPLUNK_HOME="/opt/splunkforwarder" + echo "Attempting to stop the installed Splunk Server..." + $SPLUNK_HOME/bin/splunk stop + systemctl stop splunkforwarder +} + +post_remove() { + if [ `pacman -Q | grep splunk | wc -l` -eq 1 ]; then + if id splunk > /dev/null 2>&1; then + userdel -r splunk + fi + + group_exists=no + # Try to test for group existence in a 'modern' fashion + if which getent >/dev/null; then + if getent group splunk >/dev/null; then + group_exists=yes + fi + # or fall back + elif grep '^splunk:' /etc/group >/dev/null; then + group_exists=yes + fi + + if [ "${group_exists}"x = yesx ]; then + groupdel splunk + fi + fi +} diff --git a/splunkforwarder.service b/splunkforwarder.service new file mode 100644 index 000000000000..41d43b6f75f3 --- /dev/null +++ b/splunkforwarder.service @@ -0,0 +1,16 @@ +[Unit] +Description=Splunk Forwarder +Wants=network.target +After=network.target + +[Service] +Type=forking +RemainAfterExit=yes +User=splunk +ExecStart=/opt/splunkforwarder/bin/splunk start --answer-yes --no-prompt --accept-license +ExecStop=/opt/splunkforwarder/bin/splunk stop +ExecReload=/opt/splunkforwarder/bin/splunk restart +StandardOutput=syslog + +[Install] +WantedBy=multi-user.target |