Configure systemd to manage splunkd
You can use either of the following two methods to configure systemd to manage splunkd as a service:
- Configure systemd using enable boot-startNo Content found for /db/organizations/splunk/repositories/splunk-10_4/content/documents/Platform/Splunk/Splunk_Admin/RunSplunkassystemdservice/configure_systemd_using_enable_boot-start.dita#id_6a55a275_9823_45d9_9ba9_773c9167fd61/Configure_systemd_using_enable_boot-start.
- Configure systemd manually.
systemd using enable boot-start, a Splunk service unit file is created automatically. No additional manual configuration is required.
System requirements
For a list of supported Linux distributions, see System requirements for use of Splunk Enterprise on-premises.
- To configure
systemdusingenable boot-startrequires Splunk Enterprise version 7.2.2 or later. - To enable workload management in Splunk Enterprise under
systemdrequiressystemdversion 219 or higher. For more information, see Linux operating system requirements in the Workload Management manual. - Splunk Enterprise 9.4 and higher supports Linux cgroups version 2 by default.
Permissions requirements
The enable boot-start command and systemd have the following permissions requirements:
- Non-root users must have super user permissions to configure
systemdusingenable boot-start. - Non-root users must have super user permissions to run
splunk start|stop|restartoperations undersystemd.
Unprivileged users must use sudo to run splunk start|stop|restart. If you do not use sudo and attempt to run splunk start|stop|restart when managed by systemd, a prompt appears requesting authentication. For example:
==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ===
Authentication is required to manage system services or units.
Multiple identities can be used for authentication:
1. <username_1>
2. <username_2>
Choose identity to authenticate as (1-2): 2
Password:
==== AUTHENTICATION COMPLETE ===Alternately, you can install polkit rules with the enable boot-start command to allow unprivileged users to run start|stop|restart operations under systemd without using sudo. For instructions, see Install polkit rules to elevate user permissions.
Unit file naming considerations
The enable boot-start command creates a systemd unit file named Splunkd.service. The unit file name is based on the SPLUNK_SERVER_NAME in splunk-launch.conf, which is set by default to Splunkd.
If for any reason you remove the SPLUNK_SERVER_NAME value from splunk-launch.conf, enable boot-start creates a unit file named splunkd.service (lower case "splunkd") and sets SPLUNK_SERVER_NAME=splunkd in the splunk-launch.conf file.
You can specify a different name of your choice for the unit file when you run enable boot-start. See Specify a different unit file name.