All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Linux data collection

roopeshetty
Path Finder
‎06-12-2019 09:36 AM

Hi Guys,

We are using Splunk Cloud and we have a requirement to get the Linux performance counter data (CPU, Memory and Disk usage) from few Linux servers in our data center.

What we did is ;

  1. Installed the “Splunk Add-on for Unix and Linux” on our Splunk Cloud.
  2. Installed the “Splunk Add-on for Unix and Linux” on the universal forwarder of the Linux server and enabled the required scripts which we wanted to send the data of and then restarted the universal forwarder.
  3. Now we go to the App “Splunk Add-on for Unix and Linux” on our Splunk Cloud and we get the message as below;

“Splunk Add-on for Unix and Linux: Setup; Please set up this add-on on your forwarders. Documentation on how to configure this add-on is here”

Can some one tell me what is wrong here, why not getting the data.

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎06-12-2019 09:50 AM

When you say you installed the add-on on your cloud, do you mean the indexers or search heads? It should be installed on the indexers.
What index is the forwarder writing to? Does the index exist on the indexers?

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply

roopeshetty
Path Finder
‎06-12-2019 09:58 AM

its cloud splunk hence i assume its indexers+search heads both same there. index is main hence it exist there.

0 Karma
Reply

jnudell_2
Builder
‎06-12-2019 10:09 AM

That's a bad assumption. In SplunkCloud the indexers & search heads are usually separate. If you installed the TA on the search head, then you will still need to install it on the indexer.

0 Karma
Reply
Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Dynamic formatting from XML events

This challenge was first posted on Slack #puzzles channelFor a previous puzzle, I needed a set of fixed-length ...

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

  🚀 Your data just got a serious AI upgrade — are you ready? Say hello to the Agentic Era with the ...

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...