hi @akarivaratharaj ,
Did either the answer or comments below solve your problem? If so, please resolve this post by approving it. If not, keep us updated so that someone else can help solve your problem.
Also, if you're feeling generous, give out an upvote to the user that helped ya. Our users love them upvotes. 🙂
also, have you checked out our community Slack chat?
If you want to try to get some immediate help for your question, you should join the 5000+ Splunk users in our public Slack Community chat. People ask each other for immediate help on there daily. You can share your question/link to your post there to see if anyone can take a stab at it.
You first have to request access through https://splk.it/slack Fill out the form, and once you receive the approval email from our Community Manager (usually the approval process may take a couple days), you can access Slack.com and ask for help in the #general channel.
EDIT : I have requested to update the page to reflect the correct procedure and now we have an explicit statement about the usage of add-on for data inputs
The host configurations are part of inputs.conf and you can enable the inputs as described in http://docs.splunk.com/Documentation/UnixAddOn/5.2.4/User/Enabledataandscriptedinputs
Once you have the data coming , you could configure the rest of the configurations using https://docs.splunk.com/Documentation/UnixApp/5.2.4/User/First-timeconfiguration
Even in the file inputs.conf, we dont have the options to specify the host details from which we need the data metrics. Only below are available:
interval = 0 0 * * *
disabled = 0
passAuth = splunk-system-user
Could anyone please help to configure the required hosts which I need to be monitored.
@akarivaratharaj , as mentioned above, the scripted inputs is available in add-on. Neverthless, if you want to set the host in the inputs.conf, you could set it in global settings under
[default] as host="your host name"
The environment could be distributed or stand alone but the forwarder should be installed on the machine from where we need to fetch the required metrics.
Am I right?
If so could you please suggest which kind forwarder can I install over there
@akarivaratharaj , hows your overall architecture looks like? If you have machines sending data to a central system, (says indexers) then you need to install the add-ons on all forwarders.
Yes even I got the same link when I was searching for the method to enable data input for the App for Unix & Linux.
So can we use the same steps of Add-on to enable the Data inputs in App also?
@ddrillic , @akarivaratharaj ,
As mentioned in the Comparison of the Splunk App and Splunk Technology Add-on for Unix and Linux ,
During the course of the development of the app, Splunk customers asked us for Unix and Linux knowledge and inputs packaged separately from the Splunk Web user interface components that are present in the full app. This request was often made in order to facilitate use on light or universal forwarders, or when the primary use case for Unix and Linux data is to correlate with other data sources in an app other than Splunk for Unix and Linux.
By looking at the contents of both the app and the add-on, you need the add-on as well to enable data inputs on the forwarders. The configuration documentation of the APP in App Configuration also directs to the addon configuration for inputs
To enable or disable the data and scripted inputs for the Splunk Add-on for Unix and Linux, review "Enable data and scripted inputs" in this manual.