Merge pull request #1083 from rcastley/main

Helper script for Splunk Enterprise 10

ct/splunk-enterprise.sh

@@ -0,0 +1,41 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/misc/build.func)
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: rcastley
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://www.splunk.com/en_us/download.html
+
+APP="Splunk-Enterprise"
+var_tags="${var_tags:-monitoring}"
+var_cpu="${var_cpu:-4}"
+var_ram="${var_ram:-8192}"
+var_disk="${var_disk:-40}"
+var_os="${var_os:-ubuntu}"
+var_version="${var_version:-24.04}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+    header_info
+    check_container_storage
+    check_container_resources
+    if [[ ! -d /opt/splunk ]]; then
+        msg_error "No ${APP} Installation Found!"
+        exit
+    fi
+    msg_error "Currently we don't provide an update function for this ${APP}."
+    exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW}Access the Splunk Enterprise Web interface using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:8000${CL}"

frontend/public/json/splunk-enterprise.json

@@ -0,0 +1,48 @@
+{
+    "name": "Splunk Enterprise",
+    "slug": "splunk-enterprise",
+    "categories": [
+        9
+    ],
+    "date_created": "2025-11-06",
+    "type": "ct",
+    "updateable": false,
+    "privileged": false,
+    "interface_port": 8000,
+    "documentation": "https://help.splunk.com",
+    "config_path": "",
+    "website": "https://www.splunk.com/en_us/download/splunk-enterprise.html",
+    "logo": "https://www.splunk.com/content/dam/splunk2/en_us/images/icon-library/footer/logo-splunk-corp-rgb-k-web.svg",
+    "description": "Platform for searching, monitoring, and analyzing machine-generated data at scale for operational intelligence and security.",
+    "install_methods": [
+        {
+            "type": "default",
+            "script": "ct/splunk-enterprise.sh",
+            "resources": {
+                "cpu": 4,
+                "ram": 8192,
+                "hdd": 40,
+                "os": "Ubuntu",
+                "version": "24.04"
+            }
+        }
+    ],
+    "default_credentials": {
+        "username": null,
+        "password": null
+    },
+    "notes": [
+        {
+            "text": "The credentials to login can be found in splunk.creds.",
+            "type": "info"
+        },
+        {
+            "text": "Trial license allows indexing 500 MB/Day. After 60 days you can convert to a perpetual free license or purchase a Splunk Enterprise license to continue using the expanded functionality designed for enterprise-scale deployments.",
+            "type": "warning"
+        },
+        {
+            "text": "About Splunk Free License: https://help.splunk.com/en/splunk-enterprise/administer/admin-manual/10.0/configure-splunk-licenses/about-splunk-free",
+            "type": "info"
+        }
+    ]
+}

install/splunk-enterprise-install.sh

@@ -0,0 +1,79 @@
+#!/usr/bin/env bash
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: rcastley
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://www.splunk.com/en_us/download.html
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+echo -e "${TAB3}┌─────────────────────────────────────────────────────────────────────────┐"
+echo -e "${TAB3}│                          SPLUNK GENERAL TERMS                           │"
+echo -e "${TAB3}└─────────────────────────────────────────────────────────────────────────┘"
+echo ""
+echo -e "${TAB3}Before proceeding with the Splunk Enterprise installation, you must"
+echo -e "${TAB3}review and accept the Splunk General Terms."
+echo ""
+echo -e "${TAB3}Please review the terms at:"
+echo -e "${TAB3}${GATEWAY}${BGN}https://www.splunk.com/en_us/legal/splunk-general-terms.html${CL}"
+echo ""
+
+while true; do
+    echo -e "${TAB3}Do you accept the Splunk General Terms? (y/N): \c"
+    read -r response
+    case $response in
+        [Yy]|[Yy][Ee][Ss])
+            msg_ok "Terms accepted. Proceeding with installation..."
+            break
+            ;;
+        [Nn]|[Nn][Oo]|"")
+            msg_error "Terms not accepted. Installation cannot proceed."
+            msg_error "Please review the terms and run the script again if you wish to proceed."
+            exit 1
+            ;;
+        *)
+            msg_error "Invalid response. Please enter 'y' for yes or 'n' for no."
+            ;;
+    esac
+done
+
+msg_info "Setup Splunk Enterprise"
+DOWNLOAD_URL=$(curl -s "https://www.splunk.com/en_us/download/splunk-enterprise.html" | grep -o 'data-link="[^"]*' | sed 's/data-link="//' | grep "https.*products/splunk/releases" | grep "\.deb$")
+RELEASE=$(echo "$DOWNLOAD_URL" | sed 's|.*/releases/\([^/]*\)/.*|\1|')
+$STD curl -fsSL -o "splunk-enterprise.deb" "$DOWNLOAD_URL" || {
+    msg_error "Failed to download Splunk Enterprise from the provided link."
+    exit 1
+}
+$STD dpkg -i "splunk-enterprise.deb"
+rm -f "splunk-enterprise.deb"
+msg_ok "Setup Splunk Enterprise v${RELEASE}"
+
+msg_info "Creating Splunk admin user"
+ADMIN_USER="admin"
+ADMIN_PASS=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | head -c13)
+{
+    echo "Splunk-Credentials"
+    echo "Username: $ADMIN_USER"
+    echo "Password: $ADMIN_PASS"
+} >> ~/splunk.creds
+
+cat > "/opt/splunk/etc/system/local/user-seed.conf" << EOF
+[user_info]
+USERNAME = $ADMIN_USER
+PASSWORD = $ADMIN_PASS
+EOF
+msg_ok "Created Splunk admin user"
+
+msg_info "Starting Service"
+$STD /opt/splunk/bin/splunk start --accept-license --answer-yes --no-prompt
+$STD /opt/splunk/bin/splunk enable boot-start
+msg_ok "Started Service"
+
+motd_ssh
+customize
+cleanup_lxc