Récupération du paquet Splunk
Se rendre sur le portail Splunk afin de créer un compte.
Une fois le compte créer, s’authentifier puis se rendre sur la page des téléchargements.
Télécharger le paquet correspondant à votre système d’exploitation: dans notre cas il s’agit de splunk-6.1.4-233537-linux-2.6-amd64.deb.
Vérification du paquet Splunk
Télécharger le fichier MD5 correspondant au paquet précédemment télécharger afin de vérifier l’intégrité du téléchargement (via un md5sum).
Une fois le paquet et le fichier MD5 dans le même répertoire, lancer la vérification :
# md5sum -c splunk-6.1.4-233537-linux-2.6-amd64.deb.md5 splunk-6.1.4-233537-linux-2.6-amd64.deb: OK
Installation de Splunk
Installer Splunk :
# dpkg -i splunk-6.1.4-233537-linux-2.6-amd64.deb
Démarrer Splunk :
# /opt/splunk/bin/splunk start
Accepter la licence :
SPLUNK SOFTWARE LICENSE AGREEMENT THIS SPLUNK SOFTWARE LICENSE AGREEMENT ("AGREEMENT") GOVERNS THE INSTALLATION AND USE OF THE SPLUNK SOFTWARE DESCRIBED HEREIN. THE INSTALLATION AND USE OF THE SPLUNK SOFTWARE WILL BE SUBJECT TO THE ORDER DOCUMENT(S). YOU WILL BE REQUIRED TO INDICATE YOUR AGREEMENT TO THESE TERMS AND CONDITIONS IN ORDER TO DOWNLOAD THE SOFTWARE, REGISTER THE SOFTWARE WITH SPLUNK AND OBTAIN LICENSE KEYS NECESSARY TO COMPLETE THE INSTALLATION PROCESS FOR THE SOFTWARE. BY CLICKING ON THE "YES" BUTTON OR OTHER BUTTON OR MECHANISM DESIGNED TO ACKNOWLEDGE AGREEMENT TO THE TERMS OF AN ELECTRONIC COPY OF THIS AGREEMENT, OR DOWNLOADING OR INSTALLING THE SOFTWARE, OR USING ANY MEDIA THAT CONTAINS THE SOFTWARE, YOU ARE CONSENTING TO BE BOUND BY THIS AGREEMENT, INCLUDING ALL TERMS INCORPORATED BY REFERENCE. THIS AGREEMENT IS ENFORCEABLE AGAINST ANY PERSON OR ENTITY THAT USES THE SOFTWARE AND ANY PERSON OR ENTITY THAT USES THE SOFTWARE ON ANOTHER PERSON'S OR ENTITY'S BEHALF. YOU AGREE THAT THIS AGREEMENT IS EQUIVALENT TO ANY WRITTEN NEGOTIATED AGREEMENT SIGNED BY YOU. IF YOU AGREE TO THESE TERMS ON BEHALF OF A BUSINESS OR A GOVERNMENT AGENCY, DEPARTMENT OR INSTRUMENTALITY, YOU REPRESENT AND WARRANT THAT YOU HAVE AUTHORITY TO BIND THAT BUSINESS TO THIS AGREEMENT, AND YOUR AGREEMENT TO THESE TERMS WILL BE TREATED AS THE AGREEMENT OF THE BUSINESS. IN THAT EVENT, "YOU" AND "YOUR" REFER HEREIN TO THAT BUSINESS. THIS SOFTWARE IS BEING LICENSED AND NOT SOLD TO YOU. SPLUNK PERMITS YOU TO DOWNLOAD, INSTALL AND USE THE FUNCTIONALITY OR FEATURES OF THE SOFTWARE ONLY IN ACCORDANCE WITH THE TERMS OF THIS AGREEMENT. 1. DEFINITIONS. Capitalized terms not otherwise defined herein can be found in Exhibit A. 2. TERM. This Agreement will be in effect perpetually unless earlier terminated as provided herein (the "Term"). 3. LICENSE GRANTS. Subject to your compliance with the terms and conditions of this Agreement, including (as applicable) your timely payment of license fees set forth in the applicable Order Document (the "License Fees"), Splunk grants to you the following nonexclusive, worldwide, nontransferable, nonsublicensable, revocable, limited licenses during the Term (or such other period of time provided in your Order Document) to use solely for your Internal Business Purpose: 3.1. the Purchased Software to index no more than the peak daily volume of uncompressed data set forth in your Order Document for which you have paid the applicable License Fees (the "Purchased Peak Daily Volume"); 3.2. the Purchased Software to analyze and visualize data from the number of Nodes or the Fractional Use of Nodes identified in the applicable Order Document; 3.3. the Splunk Extensions solely for use with the Software; 3.4. the Purchased Software for Data Duplication; and 3.5. the Splunk API solely for the purpose of developing Extensions for use with the Software (collectively, "Your Extensions"). You agree to assume full responsibility for the performance of Your Extensions, and shall indemnify, hold harmless, and defend Splunk (including all of its officers, employees, directors, subsidiaries, representatives, Affiliates and agents) and Splunk's licensors and suppliers from and against any claims or lawsuits, including attorney's fees and expenses, that arise or result from Your Extensions. You retain title to and copyright for Your Extensions, subject to Splunk's title to and copyright for the Splunk Materials as specified in Section 6 below. 3.6. Some software components may be distributed with the Software. If separate license terms accompany those components, such separate license terms apply to Your use of such components. 4. FREE SPLUNK SOFTWARE AND EVALUATION SOFTWARE LICENSES. 4.1. Free Splunk Software License. Subject to your compliance with the terms and conditions of this Agreement, Splunk grants to you a non-exclusive, worldwide, fully-paid up copyright license to use the Free Splunk Software subject to the following conditions: (i) you may index no more than 500MB of uncompressed data per day (the "Free Peak Daily Volume") and (ii) you may use the Free Splunk Software only for your Internal Business Purposes. You acknowledge that the Free Splunk Software may be limited in features, functions, or have other limitations not present in the Purchased Software or Evaluation Software. 4.2. Evaluation Software Trial License. Notwithstanding Section 2 of this Agreement, if the applicable Order Document is limited to a free trial license of the Evaluation Software or you are otherwise provided a free trial license of the Evaluation Software, then the term will be limited to the free trial period specified in the Order Document or with the license key (the "Trial Period"). This Agreement and any license rights granted hereunder will automatically terminate at the end of the Trial Period, and there will be no renewal term. You may install and use the Evaluation Software solely (i) to index no more than the amount of uncompressed data per day provided in such Order Document or with the license key (the "Trial Peak Daily Volume") or to analyze and visualize data from no more than five (5) Nodes, as applicable; and (ii) for the purpose of determining whether to purchase a commercial license to the Purchased Software, and not for any revenue generation, commercial activity or other productive business or developmental purpose. Any license keys provided for a free trial will automatically expire and may cause the Evaluation Software to become non-operational at the end of the Trial Period. If You wish to use the Evaluation Software after the Trial Period expires, You agree to purchase the applicable license. By continuing to use the Evaluation Software after the Trial Period expires, You acknowledge and agree that You shall be responsible for any and all license fees required for such use. Splunk reserves the right to exercise its rights under Section 9 of this Agreement to ensure compliance with this Section 4.2. 4.3. Limitations. To the extent that any provision of this Section 4 is in conflict with any other term or conditions of this Agreement, this Section 4 shall supersede such other terms and conditions with respect to the Free Splunk Software or Evaluation Software, but only to the extent necessary to resolve the conflict. Splunk reserves the right to terminate your license to use the Free Splunk Software or Evaluation Software at any time in its sole discretion. Provisions in this Agreement regarding License Fees, maintenance and support, warranty and indemnification, including, without limitation, Sections 7, 8, 10, 11, and 13, will not apply to Free Splunk Software or Evaluation Software. 5. SOFTWARE RESTRICTIONS. You agree not to (a) use the Splunk Materials or Your Extensions except as expressly authorized in this Agreement and your Order Document; (b) copy the Software (except as required to run the Software and for reasonable backup purposes); (c) modify, adapt, or create derivative works of the Software; (d) rent, lease, loan, resell, transfer, sublicense (including, but not limited to, offering any of the functionality of the Splunk Materials or Your Extensions on a service provider, hosted or time sharing basis) or distribute the Splunk Materials or Your Extensions to any third party; (e) decompile, disassemble or reverse-engineer the Software or otherwise attempt to derive the Software source code; (f) disclose to any third party the results of any benchmark tests or other evaluation of the Software; or (g) authorize any third parties to do any of the above. Any consultant, contractor, or agent hired to perform services for you may operate the Software on your behalf under these terms and conditions, provided that: (v) you are responsible for ensuring that any such third party agrees to abide by and fully comply with the terms of this Agreement on the same basis as applicable to you; (x) such use is only in connection with your Internal Business Purpose; (y) such use does not represent or constitute an increase in the scope of the licenses provided hereunder; and (z) you remain fully liable for any and all acts or omissions by such third parties related to this Agreement. The Software will be configured to display warnings, reduce available functionality, and/or cease searching data when the Peak Daily Volume is reached. Any violation of this Section shall be a material breach of this Agreement subject to immediate termination of this Agreement for which no notice from Splunk shall be required. 6. OWNERSHIP. Splunk, its suppliers and/or its licensors own all worldwide right, title and interest in and to the Splunk Materials, including all worldwide patent rights (including patent applications and disclosures); copyright rights (including copyrights, copyright registration and copy rights with respect to computer software, software design, software code, software architecture, firmware, programming tools, graphic user interfaces, reports, dashboard, business rules, use cases, screens, alerts, notifications, drawings, specifications and databases); trademark rights (including the goodwill associated therewith); moral rights; trade secrets and other rights with respect to confidential or proprietary information; know-how; other rights with respect to inventions, discoveries, ideas, improvements, techniques, formulae, algorithms, processes, schematics, testing procedures, technical information and other technology; and any other intellectual and industrial property rights, whether or not subject to registration or protection; and all rights under any license or other arrangement with respect to the foregoing (the "Intellectual Property Rights"). Except as expressly stated in this Agreement, Splunk does not grant you any Intellectual Property Rights in the Splunk Materials, and all right, title, and interest in and to all copies of the Splunk Materials not expressly granted herein remain with Splunk, its suppliers and/or its licensors. The Splunk Materials are copyrighted and protected by the laws of the United States and other countries, and international treaty provisions. You may not remove or obscure any copyright, trademark, and/or any other intellectual property or other proprietary notices from the Splunk Materials. 7. PURCHASED SOFTWARE LICENSE FEES. In order to access and use the Purchased Software, you are required to pay to Splunk the License Fees, which are due thirty (30) days from the date of the Splunk invoice. The License Fees will be due and payable in accordance with the terms set forth in your Order Document. Any failure to pay the License Fees in accordance with an Order Document may result in automatic revocation and termination of this Agreement and all rights and licenses granted hereunder in Splunk's sole discretion. All License Fees are non-refundable once paid. Any fees and payment terms for Splunk Extensions will be identified on your Order Document or on apps.splunk.com. 8. MAINTENANCE AND SUPPORT. Subject to your payment of the applicable annual maintenance and support fees set forth in your Order Document (the "Support Fees"), which are due thirty (30) days from the date of the Splunk invoice, Splunk will provide the level of Support for the Purchased Software identified in your Order Document and in accordance with the support and maintenance terms and conditions set forth on Exhibit B (the "Support and Maintenance Terms and Conditions"), attached hereto and made a part hereof. Splunk is not obligated to support, update or upgrade the Evaluation Software or the Free Splunk Software. 9. SOFTWARE VERIFICATION AND AUDIT. At Splunk's written request, you will furnish Splunk with a certification signed by your authorized representative verifying that the Purchased Software or the Evaluation Software, as applicable, is being used in accordance with the terms and conditions of this Agreement and the applicable Order Document. Upon at least ten (10) days' prior written notice and subject to applicable reasonable or national security requirements, if any, Splunk may audit your use of the Purchased Software or the Evaluation Software to ensure that you are in compliance with the terms of this Agreement and the applicable Order Document. Any such audit will be conducted during regular business hours at your facilities, will not unreasonably interfere with your business activities and will be in compliance with your reasonable security procedures. You will provide Splunk with reasonable access to the relevant records and facilities for the Purchased Software or the Evaluation Software. If an audit reveals that you have exceeded the Peak Daily Volume or the scope of your license grant during the period audited, then Splunk will invoice you, and you will promptly pay Splunk any underpaid fees based on Splunk's price list in effect at the time the audit is completed. If the excess daily volume usage exceeds ten percent (10%) of the Peak Daily Volume, then you will also pay Splunk's reasonable costs of conducting the audit. This Section shall survive expiration or termination of this Agreement for a period of three (3) years. 10. PURCHASED SOFTWARE WARRANTY. Splunk warrants that for a period of thirty (30) days after the earlier of delivery of the Purchased Software or registration of the Purchased Software with Splunk, the Purchased Software will substantially achieve any material function described in documentation for the Purchased Software published by Splunk. As Splunk and its Affiliates, licensors and suppliers' sole liability and your sole remedy for any failure of the Purchased Software to conform to this warranty, Splunk will repair or replace (at Splunk's option) your copy of the Purchased Software. You acknowledge that the Evaluation Software and the Free Splunk Software are provided on an "as is" basis, and Splunk disclaims any warranty or liability obligations to you of any kind with respect to the Evaluation Software or the Free Splunk Software. 11. WARRANTY DISCLAIMER. EXCEPT AS SET FORTH IN SECTION 10 ABOVE, SPLUNK, ITS AFFILIATES, LICENSORS AND SUPPLIERS PROVIDE THE SPLUNK MATERIALS AS-IS AND EXPRESSLY DISCLAIM ANY AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, QUIET ENJOYMENT, AND INTEGRATION, AND WARRANTIES ARISING OUT OF COURSE OF DEALING OR USAGE OF TRADE. YOU AGREE THAT, AS BETWEEN YOU AND SPLUNK, YOU ARE RESPONSIBLE FOR THE ACCURACY AND QUALITY OF YOUR DATA INPUT INTO ANY SPLUNK MATERIALS. BECAUSE THIS DISCLAIMER OF WARRANTY MAY NOT BE VALID IN SOME STATES OR JURISDICTIONS, THE ABOVE DISCLAIMER MAY NOT APPLY TO YOU. 12. LIMITATION OF LIABILITY. TO THE EXTENT PERMITTED BY APPLICABLE LAW, SPLUNK'S TOTAL CUMULATIVE LIABILITY TO YOU, FROM ALL CAUSES OF ACTION AND ALL THEORIES OF LIABILITY, WILL BE LIMITED TO AND WILL NOT EXCEED THE AMOUNTS PAID BY YOU TO SPLUNK UNDER THE APPLICABLE ORDER DOCUMENT GIVING RISE TO SUCH LIABILITY IN THE TWELVE (12) MONTHS PRIOR TO THE EVENT GIVING RISE TO SUCH LIABILITY. IN NO EVENT WILL SPLUNK BE LIABLE TO YOU FOR ANY SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL OR PUNITIVE DAMAGES (INCLUDING LOSS OF USE, DATA, OR PROFITS, BUSINESS INTERRUPTION, OR COSTS OF PROCURING SUBSTITUTE SPLUNK MATERIALS OR SUBSTITUTE SUPPORT) ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT OR THE USE OR PERFORMANCE OF THE SPLUNK MATERIALS OR THE SUPPORT, WHETHER SUCH LIABILITY ARISES FROM CONTRACT, WARRANTY, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, AND WHETHER OR NOT SPLUNK HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE. THE PARTIES HAVE AGREED THAT THESE LIMITATIONS WILL SURVIVE AND APPLY EVEN IF ANY REMEDY IS FOUND TO HAVE FAILED OF ITS ESSENTIAL PURPOSE. WITHOUT LIMITING THE FOREGOING, SPLUNK WILL HAVE NO LIABILITY OR RESPONSIBILITY FOR ANY BUSINESS INTERRUPTION OR LOSS OF DATA ARISING FROM THE AUTOMATIC TERMINATION OF THE LICENSE RIGHTS GRANTED HEREIN AND ANY ASSOCIATED CESSATION OF THE FUNCTIONS OF THE SPLUNK MATERIALS. BECAUSE SOME STATES OR JURISDICTIONS DO NOT ALLOW LIMITATION OR EXCLUSION OF CONSEQUENTIAL OR INCIDENTAL DAMAGES, THE ABOVE LIMITATION MAY NOT APPLY TO YOU. Splunk is acting on behalf of its Affiliates, licensors and suppliers for the purpose of disclaiming, excluding and limiting obligations, warranties and liability, but in no other respects and for no other purposes. 13. PURCHASED SOFTWARE INDEMNITY. Provided your use of the Purchased Software was in accordance with the terms of this Agreement, Splunk will defend, indemnify and hold you harmless from and against any loss, damage, liability or cost (including reasonable attorneys' fees) resulting from any third party claim that the Purchased Software infringes or violates any third party's copyright, trademark, rights; provided that you promptly notify Splunk in writing of any and all such claims. In the event of any loss, damage, liability or cost for which Splunk is obligated to indemnify you hereunder, Splunk shall have sole control of the defense and all related settlement negotiations, and you shall reasonably cooperate with Splunk in the defense and/or settlement thereof at Splunk's expense; provided that you may participate in such defense using your own counsel, at your own expense. The indemnification obligations set forth in this Section constitute your sole remedy, and Splunk's sole liability, with respect to any claims that the Purchased Software infringes any third party's intellectual property rights 14. CONFIDENTIAL INFORMATION. 14.1. Confidential Information. "Confidential Information" means any technical or business information, ideas, materials, know-how or other subject matter that is disclosed by one party to the other party that: (A) if disclosed in writing, is marked "confidential" or "proprietary" at the time of such disclosure; (B) if disclosed orally, is identified as "confidential" or "proprietary" at the time of such disclosure, and is summarized in a writing sent by the disclosing party to the receiving party within thirty (30) days after any such disclosure; or (C) under the circumstances, a person exercising reasonable business judgment would understand to be confidential or proprietary. "Confidential Information" of Splunk shall include the Splunk Materials, source code and the license keys to download the Software. 14.2. Use and Disclosure Restrictions. The party receiving Confidential Information ("Recipient") agrees: (i) to maintain the Confidential Information of the party disclosing such information (the "Discloser") in the strictest of confidence; (ii) not to disclose such Confidential Information to any third parties; and (iii) not to use any such Confidential Information for any purpose other than in furtherance of this Agreement and the activities described herein. Recipient will treat Confidential Information of the Discloser with the same degree of care as it accords to its own Confidential Information, but in no event with less than reasonable care. Recipient may disclose the Confidential Information of Discloser to its directors, officers, employees and consultants (collectively, "Representatives") who have a bona fide need to know such Confidential Information, but solely to the extent necessary to pursue the activities described herein and for no other purpose; provided that each such Representative first executes a written agreement (or is otherwise already bound by a written agreement) that contains use and nondisclosure restrictions at least as protective of the other party's Confidential Information as those set forth herein. 14.3. Exclusions. The obligations of Recipient under Section 14.2 shall not apply to any Confidential Information which: (a) is now or thereafter becomes generally known or available to the public, through no act or omission on the part of Recipient (or any of its Representatives, affiliates, or agents) or any third party subject to any use or disclosure restrictions with respect to such Confidential Information; (b) was known by or lawfully in the possession of Recipient, prior to receiving such information from Discloser, without restriction as to use or disclosure; (c) is rightfully acquired by Recipient from a third party who has the right to disclose it and who provides it without restriction as to use or disclosure; or (d) is independently developed by Recipient without access to any Confidential Information of Discloser. 14.4. Required Disclosures. The provisions of Section 14.2 will not restrict Recipient from disclosing Discloser's Confidential Information to the extent required by any law or regulation or compelled by a court or administrative agency of competent jurisdiction. 14.5. Independent Development. Recipient reserves the right to develop and market any technology, products or services or pursue business opportunities that compete with or are similar to those disclosed by Discloser under this Agreement without the use of the Discloser's Confidential Information. Nothing contained in this Agreement shall prohibit or restrict Recipient from employing general ideas, concepts or techniques which may be retained in the unaided human memory by Recipient personnel in the course of their review of the Confidential Information (but without any attempt to memorize such information). The foregoing sentence shall not, however, grant Recipient any rights under any patents or copyrights. 14.6. Return or Destruction of Confidential Information. Upon termination of the Agreement or support and maintenance, Recipient will promptly return to Discloser, or at Discloser's option, destroy, all tangible items and embodiments containing or consisting of Discloser's Confidential Information and all copies thereof and provide written certification of such destruction or return by an authorized person. 15. TERMINATION. You may terminate this Agreement at any time by providing to Splunk a written statement signed by your authorized representative notifying Splunk that you are terminating the Agreement. If you are not a U.S. Government agency, department, or instrumentality, upon thirty (30) days notice, Splunk may terminate this Agreement (and your license rights) upon notice in the event that you breach any provision of this Agreement and have not cured the breach during such notice period. Notwithstanding the foregoing, a material breach of any license granted to you shall be grounds for immediate termination. If you are a U.S. Government agency, department, or instrumentality, termination terms and conditions shall be governed by 48 C.F.R. § 52.212-4. Upon any expiration or termination of this Agreement, the rights and licenses granted hereunder will automatically terminate, and you agree to immediately cease using the Splunk Materials and to return or destroy all copies of the Splunk Materials, including any documentation, and other Splunk Confidential Information in your possession or control and certify in writing the completion of such return or destruction in accordance with Section 14.6. In the event of termination of this Agreement, Splunk will have no obligation to refund any License Fees, Support Fees, or other fees received from you during the Term. Section 1 (Definitions), Section 3.5 (solely with respect to indemnity), Section 6 (Ownership), Section 9 (Software Verification and Audit), Section 11 (Warranty Disclaimer), Section 12 (Limitation of Liability), Section 13 (Purchased Software Indemnity), Section 15 (Termination) and Sections 16 (Severability) through 22 (General) shall survive termination of this Agreement 16. SEVERABILITY. Unless otherwise provided herein, all rights and remedies, whether conferred hereunder or by any other instrument or law, will be cumulative and may be exercised singularly or concurrently. The failure by either party to enforce any provisions of this Agreement will not constitute a waiver of any other right hereunder or of any subsequent enforcement of that or any other provisions. The terms and conditions stated herein are declared to be severable. If a court of competent jurisdiction holds any provision of this Agreement invalid or unenforceable, the remaining provisions of the Agreement will remain in full force and effect, and the provision affected will be construed so as to be enforceable to the maximum extent permissible by law. 17. EXPORT. You will comply fully with all relevant export laws and regulations of the United States and any other country ("Export Laws") where you use any of the Splunk Materials. You certify that you are not on any of the relevant U.S. Government Lists of prohibited persons, including but not limited to the Treasury Department's List of Specially Designated Nationals, and the Commerce Department's List of Denied Persons or Entity List. You further certify that you shall not export, re-export, ship, transfer or otherwise use the Splunk Materials in any country subject to an embargo or other sanction by the United States, including Iran, Syria, Cuba, Sudan and North Korea and that you shall not use the Splunk Materials for any purpose prohibited by the Export Laws, including, but not limited to, nuclear, chemical, missile or biological weapons related end uses. 18. GOVERNMENT END USER RIGHTS. You acknowledge that all Splunk Materials were developed entirely at private expense and that no part of the Splunk Materials was first produced in the performance of a Government contract. You agree that all Splunk Materials and any derivatives thereof are "Commercial Items" as defined in 48 C.F.R. § 2.101, and if You are a U.S. Government agency or instrumentality or if You are providing all or any part of the Splunk Material or any derivatives thereof to the U.S. Government, such use, duplication, reproduction, release, modification, disclosure or transfer of this commercial product and data, is restricted in accordance with 48 C.F.R. § 12.211, 48 C.F.R. § 12.212, 48 C.F.R. § 227.7102-2, and 48 C.F.R. § 227.7202, as applicable. Consistent with 48 C.F.R. § 12.211, 48 C.F.R. § 12.212, 48 C.F.R. § 227.7102-1 through 48 C.F.R. § 227.7102-3, and 48 C.F.R. §§ 227.7202-1 through 227.7202-4, as applicable, the Splunk Materials are licensed to U.S. Government end users (i) only as Commercial Items and (ii) with only those rights as are granted to all other users pursuant to this Agreement and any related agreement(s), as applicable. Accordingly, You will have no rights in the Splunk Materials except as expressly agreed to in writing by You and Splunk. 19. PUBLICITY. You agree that Splunk may publish a brief description highlighting your deployment of the Software, identify you as a Splunk customer on any of Splunk's websites, client lists, press releases, and/or other marketing materials. 20. THIRD PARTY CONTENT DISCLAIMER. Most of the Extensions and content on apps.splunk.com are submitted by third parties ("Third-Party Content"). Such Third-Party Content is the sole responsibility of the originator of that Third-Party Content. Splunk is not responsible for any Third-Party Content, whether or not Splunk reviewed or moderated such Third Party Content. You agree that you bear all risks associated with using or relying on the Third Party Content. Splunk does not in any way warrant the accuracy, reliability, completeness, usefulness, non-infringement, or quality of any Third-Party Content, regardless of who originated that content (including our employees, partners, Affiliates or moderators), and even if an application is designated as "certified". Splunk hereby disclaim all warranties, including, but not limited to, any implied warranties of merchantability, quiet enjoyment, integration or fitness for a particular purpose, relating to Third Party Content. Splunk shall not be liable or responsible in any way for any loss or damage of any kind, including, but not limited to, lost profits, loss of use, data, business interruption, costs of procuring substitute software or other indirect or consequential damages, relating to your use of or reliance upon any Third Party Content. 21. CHOICE OF LAW AND DISPUTES. The following Choice of Law and Disputes terms and conditions shall apply under this Agreement: (i) For other than the U.S. Government as a party, this Agreement shall be governed by and construed in accordance with the laws of the State of California, as if performed wholly within the state and without giving effect to the principles of conflict of law rules of any jurisdiction or the United Nations Convention on Contracts for the International Sale of Goods, the application of which is expressly excluded. Any legal action or proceeding arising under this Agreement will be brought exclusively in the federal or state courts located in San Francisco, California and the parties hereby consent to personal jurisdiction and venue therein. If a dispute arises between You and Splunk, and either You or Splunk files suit in any court of competent jurisdiction to enforce rights under this Agreement, then the prevailing party shall be entitled to recover from the other party all costs of such action or suit, including, but not limited to, investigative costs, court costs and reasonable attorneys' fees (including expenses incurred to collect those expenses). (ii) If a dispute arises between You and Splunk that is related to a Government customer that is subject to the Contract Disputes Act, 41 U.S.C. § 7101 et seq., concerning issues of fact or law which relate to this Agreement (a "CDA Dispute"), the following dispute procedures shall apply. If the U.S. Government issues a final decision regarding a CDA Dispute, such decision shall be provided within ten (10) days of receipt by You by written notification to Splunk and subsequently binding upon Splunk to the same extent it is binding upon You, subject to Splunk's right to seek additional time, cost or both. Splunk shall continue performance in accordance with the decision pending any appeal that may be initiated pursuant to the provisions below. If You elect to appeal such decision under Your prime contract "Disputes" clause, Splunk shall be permitted to participate fully in such appeal concerning issues of fact or law which relate to this Agreement for the purpose of protecting Splunk's interest. You shall not enter into a settlement with the Government as to any portion of the appeal affecting Splunk without Splunk's prior written consent. If You elect not to appeal a CDA Dispute, such election must be made within thirty (30) days of the Government's final decision and Company agrees to notify Splunk within three (3) days after Company elects not to appeal. If Splunk elects to pursue appeal of such decision by the Contracting Officer, Splunk shall provide written notice of such election to You, and the parties shall enter into a sponsorship agreement pursuant to which Splunk shall have the right to prosecute in Your name, any and all appeals arising from the Government's determination. Any such appeal brought by Splunk in Your name shall be at the expense of Splunk, provided, however, that You, at Your expense, shall provide Splunk with reasonable assistance in the presentation of such appeal. (iii) If You are the U.S. Government as a party to this Agreement, this Agreement shall be governed by and interpreted in accordance with the Contract Disputes Act of 1978, as amended (41 U.S.C. §§ 7101-7109). Failure of the parties to reach agreement on any request for equitable adjustment, claim, appeal, or action arising under or relating to this Agreement shall be a dispute to be resolved in accordance with the clause at 48 C.F.R § 52.233-1, which is incorporated in this Agreement by reference. 22. GENERAL. All notices required or permitted under this Agreement or any Exhibit hereto will be in writing and delivered in person, by confirmed facsimile transmission, by overnight delivery service, or by registered or certified mail, postage prepaid with return receipt requested, and in each instance will be deemed given upon receipt. All communications will be sent to the addresses set forth in the applicable Order Document(s) or to such other address as may be specified by either party to the other party in accordance with this Section. You may not assign, delegate or transfer this Agreement, in whole or in part, by agreement, operation of law or otherwise. Splunk may assign this Agreement in whole or in part to (i) an Affiliate, upon written notice to you (such notice to be delivered electronically or otherwise) or (ii) in connection with an internal reorganization or in connection with a merger, acquisition, or sale of all or substantially all of Splunk's assets. Any attempt to assign this Agreement other than as permitted herein will be null and void; provided, however, Splunk may assign its rights to receive payment due as a result of performance of this Agreement to a bank, trust company, or other financing institution, including any Federal lending agency in accordance with the Assignment of Claims Act (31 U.S.C. § 3727) and may assign this Agreement in accordance with the provisions at 48 C.F.R § 42.12, as applicable. Subject to the foregoing, this Agreement will bind and inure to the benefit of the parties' permitted successors and assigns. This Agreement along with any additional terms incorporated herein by reference, including any Order Documents and any Exhibits hereto, constitute the complete and exclusive understanding and agreement between the parties and supersede any and all prior or contemporaneous agreements, communications and understandings, written or oral, relating to their subject matter. Any waiver, modification or amendment of any provision of this Agreement will be effective only if in writing and signed by duly authorized representatives of both parties. Any terms and conditions contained or referenced by either party in a quote, purchase order, acceptance, invoice or any similar document purporting to modify the terms and conditions contained in this Agreement shall be disregarded and have no effect unless otherwise expressly agreed to by the parties in accordance with the preceding sentence. EXHIBIT A DEFINITIONS 1. "Affiliate" means, with respect to any person or entity, any other person or entity that directly or indirectly Controls or is Controlled by such person or entity, from time to time, but only for so long as such Control exists. "Control" and its grammatical variants mean (i) a general partnership interest in a partnership, or (ii) the beneficial ownership of a majority of the outstanding equity entitled to vote for directors. 2. "Data Duplication" means an indexer that receives already indexed data from another indexer or group of indexers that first processed the same data under a valid Software license. 3. "Cluster" means a group of Nodes administered by one Hadoop JobTracker or Hadoop Resource Manager. 4. "Enhancements" means any updates, upgrades, releases, fixes, enhancements or modifications to the Software as provided under the terms and conditions outlined in Exhibit B. 5. "Evaluation Software" means Software licensed for internal evaluation purposes and not for productive business use. 6. "Extensions" mean any separate downloadable suite, add-on, example module, command, function, or application which extends the Software. 7. "Fractional Use of Nodes" means the greater of compute load or applicable storage of the number of Nodes in Cluster(s) for a specific use case or business unit, as identified in an Order Document. 8. "Free Splunk Software" means Software licensed for free from Splunk. 9. "Internal Business Purpose" means the use of any of the Splunk Materials, as applicable, only for Your internal business use with Your systems, networks, devices and data. Such use does not include use of Your systems, networks or devices as part of services You provide for a third party's benefit. 10. "Node" means a 64 bit Linux operating system or any other operating system identified in the documentation that runs Hadoop TaskTracker or Node Manager to execute Splunk jobs. 11. "Order Document(s)" mean the purchase order or any equivalent ordering document and the order confirmation that detail the components, solutions, and quantities of your purchase of Splunk Materials. 12. "Peak Daily Volume" means the Purchased Peak Daily Volume, the Free Peak Daily Volume and/or the Trial Peak Daily Volume, as applicable. 13. "Purchased Software" means Software purchased through Splunk or other channels. 14. "Software" means the software components listed in the Order Document(s), Free Splunk Software, and Evaluation Software which have a valid license, and any applicable Enhancements thereof or thereto. 15. "Splunk" means Splunk Inc., a Delaware corporation, 250 Brannan Street, San Francisco, California 94107. 16. "Splunk API" means the documentation and functionality included with the Software which enable the creation of Extensions. 17. "Splunk Extensions" mean any Extensions authored by Splunk and downloadable through Splunk's online store. 18. "Splunk Materials" mean the Software, Splunk API, and/or the Splunk Extensions. EXHIBIT B SPLUNK INC. SUPPORT AND MAINTENANCE TERMS AND CONDITIONS You agree that the following terms and conditions ("Terms and Conditions") shall govern the delivery of any support and/or maintenance services by Splunk ("Support") listed on an Order Document entered into pursuant to the Splunk Software License Agreement (the "Agreement") to which these Terms and Conditions are attached and made a part thereof. Subject to your termination rights set forth in the Agreement, ordering any Support from Splunk or any authorized reseller indicates your acceptance of these Terms and Conditions. These Terms and Conditions are effective upon receipt and confirmation of acceptance of your purchase order by Splunk or an authorized reseller (the "Effective Date"). 1. DEFINITIONS. Unless otherwise defined in these Terms and Conditions, capitalized terms shall have the meanings set forth in the Agreement. 2. SUPPORT AND MAINTENANCE. 2.1. Services. Subject to your timely payment of the applicable annual Support fees set forth in your Order Document(s) (the "Support Fees"), Splunk will provide the level of Support identified in your Order Document(s) in accordance with the Support descriptions set forth below. Splunk will notify (electronically or otherwise) you of any amendments to such Support descriptions in each notice of term renewal. No other maintenance or support for the Software is included in these Terms and Conditions. 2.2. Support Fees. Support Fees will be due and payable in accordance with the Order Document(s). Splunk will notify (electronically or otherwise) you of the then-current annual Support Fee for your level of Support in each notice of term renewal. Support Fees will be non-refundable once paid. 2.3. Exclusions. Splunk will have no obligation of any kind to provide Support for problems caused by or arising out of any of the following (each, a "Licensee-Generated Error"): (i) modifications to the Software not made by Splunk; (ii) use of the Software other than as authorized in the Agreement or as provided in the documentation for the Software; (iii) damage to the media on which the Software is provided or to the machine on which the Software is installed; (iv) your negligence or fault; (v) versions of the Software other than the most recent version or the Supported Prior Version (defined in Section 2.5.9); (vi) third-party products not expressly supported by Splunk; or (vii) conflicts related to replacing or installing hardware, drivers, and software that has not been Splunk certified. If Splunk determines that it is necessary to provide support for a problem caused by a Licensee-Generated Error, Splunk will notify you thereof as soon as Splunk is aware of such Licensee-Generated Error and Splunk will have the right to invoice you at Splunk's then-current time and materials rates for any such support provided by Splunk. 2.4. Restrictions. Support is delivered in English only unless you are in a location where Splunk has made localized Support available. 2.5. Support Descriptions. 2.5.1. Splunk Enterprise Support. Splunk Enterprise Support provides telephone support, online documentation, web forums, email and a web-based portal for submitting cases and tracking case status. Support cases are handled based on case priority levels as described in Section 2.5.3. When submitting a case, customers select the priority for initial response by logging the case online, in accordance with the priority guidelines set forth in Section 2.5.3. When the case is received, Splunk Customer Support may change the priority if the issue does not conform to the criteria for the selected priority and will provide you with notice (electronic or otherwise) of such change. Splunk will respond to Splunk Enterprise Support requests and will provide workarounds or fixes in accordance with the guidelines set forth in Section 2.5.4. 2.5.2. Splunk Global Support. Splunk Global Support provides the same services as defined as Enterprise support and also provides a dedicated resource to contact for meetings as frequently as weekly to monitor your support issues; to provide additional status reports and metrics; and to coordinate and execute a quarterly account status review at a mutually agreeable time. 2.5.3. Case Priority Levels. Case priorities are assigned based on the technical importance of the problem on your Splunk environment. P1 = Splunk Software is completely inaccessible or the majority of its functionality is unusable. P2 = One or more key features of Splunk Software are unusable. P3 = Any other case where a Splunk Software feature is not operating as documented. P4 = All enhancement requests. 2.5.4. Target Fix, Workaround, Escalation and Response Times. Initial Response & Acknowledgment, by case priority Targeted Fix Date or Workaround, by case priority P1: 4 hours P1: 1 day P2: Next business day P2: 1 week P3: Two business days P3: Next release P4: Two business days P4: At Splunk's discretion Escalation, by case priority Email Status Updates for Open Cases, by case priority P1: Manager: Immediate / VP: 1 business day P1: Daily P2: Manager: 1 business day / VP: 1 week P2: Weekly P3: VP Product Management reviews all open bugs quarterly P3: None P4: VP Product Management reviews all enhancement requests quarterly P4: None 2.5.5. Authorized Support Contacts. Support will be provided solely to the authorized individual(s) specified by you that Splunk will communicate with when providing Support ("Support Contacts"). Splunk strongly recommends that your Support Contact(s) be trained on the Software. Your Order Document(s) will indicate a maximum number of authorized Support Contacts for your license level. You will be asked to designate your authorized support contacts, including their primary email address and Splunk.com login ID, following Splunk's acknowledgment of your Order Document(s). 2.5.6. Defect Resolution. Should Splunk in its sole judgment determine that there is a defect in the Software, it will, at its sole option, repair that defect in the version of the Software that you are currently using or instruct you to install a newer version of the Software with that defect repaired. Splunk reserves the right to provide you with a workaround in lieu of fixing a defect should it in its sole judgment determine that it is more effective to do so. 2.5.7. Support Hours. Support is provided via telephone, email and web portal. Support will be delivered by a member of Splunk's technical support team during the regional hours of operation listed below. Enterprise Support Global Support P1: 24 x 7 P1: 24 x 7 P2: Monday through Friday by region (North America, APAC and EMEA) during standard business hours (8 am to 5 pm); excluding Splunk holidays P2: 24 hours per day during the five business days (Monday through Friday), excluding Splunk holidays P3: Monday through Friday by region (North America, APAC and EMEA) during standard business hours (8 am to 5 pm); excluding Splunk holidays P3: 24 hours per day during the five business days (Monday through Friday), excluding Splunk holidays P4: Monday through Friday by region (North America, APAC and EMEA) during standard business hours (8 am to 5 pm); excluding Splunk holidays P4: Monday through Friday by region (North America, APAC and EMEA) during standard business hours (8 am to 5 pm); excluding Splunk holidays 2.5.8. Your Obligation to Assist. Should you report a purported defect in the Software to Splunk, Splunk may require you to provide them with the following information: (a) a general description of the operating environment, (b) a list of all hardware components, operating systems and networks, (c) a reproducible test case, and (d) any log files, trace and systems files. Your failure to provide this information may prevent Splunk from identifying and fixing that purported defect. 2.5.9. Software Upgrades and Software End of Life Policy. When available, Splunk provides updates, upgrades, maintenance releases and reset keys only to Splunk Enterprise or Global Support customers. Splunk Software comes with a three digit number version. The first digit represents the major release (i.e. upgrade), the second digit identifies the minor releases (i.e. updates) and the third digit identifies the maintenance releases. With a new major version, the number to the left of the decimal is changed and for minor releases, the number to the right of the decimal point is increased. If your Splunk Enterprise or Global Support agreement expires, you will receive only maintenance releases, when available. Subject to the foregoing, Splunk provides full Support, including, when available, bug fixes, only on the current major release and (a) the immediately prior major release or (b) twenty-four months from the then current major release, whichever period is greater ("Supported Prior Versions"). 2.6. Changes in Support and Software. Subject to Section 2.5.9, You acknowledge that Splunk has the right to discontinue the manufacture and development of any Software and the Support for any Software, including, without limitation, the distribution of older Software versions, at any time in its sole discretion, provided that Splunk agrees not to discontinue Support for the Software during the current annual term of these Terms and Conditions, subject to the termination provisions herein. Splunk reserves the right to alter Support from time to time, using reasonable discretion but in no event shall such alterations result in (i) diminished support from the level of Support set forth herein; (ii) materially diminished obligations for Splunk; (iii) materially diminished your rights; or (iv) higher Support Fees during the then-current term. Splunk shall provide you with thirty (30) days prior written notice (delivered electronically or otherwise) of any permitted material changes to the Support contemplated herein. 3. TERM AND TERMINATION. 3.1. Term. These Terms and Conditions will commence on the date when Splunk delivers the license key for the Software to you and, unless terminated earlier in accordance with the terms of the Agreement, for a period of one (1) year thereafter (the "Initial Term"). The agreement will automatically renew for additional one (1)-year terms (each, a "Renewal Term," and the Initial Term, collectively with any and all Renewal Terms, shall be referred to as the "Support Term"), unless either party provides the other (or if purchased through a reseller, you provide reseller) with written notice of its intent not to renew the agreement at least thirty (30) days prior to the end of the then current Initial Term or Renewal Term. If you allow your Support Term to expire, then you may seek to re-activate Support by submitting a purchase order that includes fees for the lapsed period. 3.2. Survival. The rights and obligations of the parties contained in Sections 1 and 3.2 will survive the expiration or termination of the Agreement, these Terms and Conditions or any Order Document(s). 4. FORCE MAJEURE. Splunk will not be responsible for any failure or delay in its performance under these Terms and Conditions due to causes beyond its reasonable control, including, but not limited to, labor disputes, strikes, lockouts, shortages of or inability to obtain labor, energy, raw materials or supplies, war, acts of terror, riot, acts of God or governmental action. Splunk rev. 9.11.2013 Do you agree with this license? [y/n]: y This appears to be your first time running this version of Splunk. Copying '/opt/splunk/etc/openldap/ldap.conf.default' to '/opt/splunk/etc/openldap/ldap.conf'. Generating RSA private key, 1024 bit long modulus .....................++++++ ................................................................++++++ e is 65537 (0x10001) writing RSA key Generating RSA private key, 1024 bit long modulus .++++++ .............................++++++ e is 65537 (0x10001) writing RSA key Moving '/opt/splunk/share/splunk/search_mrsparkle/modules.new' to '/opt/splunk/share/splunk/search_mrsparkle/modules'. Splunk> The Notorious B.I.G. D.A.T.A. Checking prerequisites... Checking http port : open Checking mgmt port : open Checking configuration... Done. Creating: /opt/splunk/var/lib/splunk Creating: /opt/splunk/var/run/splunk Creating: /opt/splunk/var/run/splunk/appserver/i18n Creating: /opt/splunk/var/run/splunk/appserver/modules/static/css Creating: /opt/splunk/var/run/splunk/upload Creating: /opt/splunk/var/spool/splunk Creating: /opt/splunk/var/spool/dirmoncache Creating: /opt/splunk/var/lib/splunk/authDb Creating: /opt/splunk/var/lib/splunk/hashDb Checking critical directories... Done Checking indexes... Validated: _audit _blocksignature _internal _introspection _thefishbucket history main summary Done New certs have been generated in '/opt/splunk/etc/auth'. Checking filesystem compatibility... Done Checking conf files for problems... Done All preliminary checks passed. Starting splunk server daemon (splunkd)... Done Starting splunkweb... Generating certs for splunkweb server Generating a 1024 bit RSA private key .................++++++ .............................++++++ writing new private key to 'privKeySecure.pem' ----- Signature ok subject=/CN=<mon_serveur>/O=SplunkUser Getting CA Private Key writing RSA key Done If you get stuck, we're here to help. Look for answers here: http://docs.splunk.com The Splunk web interface is at http://<mon_serveur>:8000
Accéder à Splunk
Ajouter les règles de filtrage nécessaires, telles que :
# iptables -A INPUT -i eth0 -s <votre_ipv4_client> -p tcp -m tcp --dport 8000 -m comment "mon accès personnel à splunk" -j ACCEPT # ip6tables -A INPUT -i eth0 -s <votre_ipv6_client> -p tcp -m tcp --dport 8000 -m comment "mon accès personnel à splunk" -j ACCEPT
Se rendre sur la page d’administration de Splunk : http://<mon_serveur>:8000
S’authentifier sur l’interface d’administration : dans le cadre d’une première connexion, il s’agit du nom d’utilisateur admin avec le mot de passe changeme. Penser à modifier le mot de passe du compte admin.
Une fois sur la page d’administration de Splunk, ajouter des données afin de commencer à utiliser Splunk.
L’utilisation de Splunk fera l’objet d’un prochain billet 😉