- Apps and Add-ons
- :
- All Apps and Add-ons
- :
- Not able to see the app Splunk TA for *nix in Spl...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Not able to see the app Splunk TA for *nix in Splunk Home
Hi,
I have installed the TA on a universal forwarder on a Linux machine and when I try to access the app through Splunk Web, I do not see it available to me. I see the Search and Getting Started apps but not the Splunk App for Unix and Linux.
I have completed the installation steps as per the documentation and am very new to Splunk so will appreciate if someone can guide me how to fix this.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The Splunk_TA_nix is an add-on that you put on the Universal Forwarders.
The Splunk App for Unix is a full-blown application (with Views) that you install on your Search Head.
It sounds like you haven't installed the Splunk App for Unix on your Search Head.
Also, once you DO have it running on your Search Head, note that the Splunk App for Unix will not automatically see your Universal Forwarders, you have to manually add them to appropriate Categories and Groups under Settings > Categories
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The Splunk for Unix and Linux TA doesn't contain any of the web files you're looking for. It's meant to be the small portion to install on UF's and other server that are just sending data somewhere else. You need to install the regular version of the app: link text
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Actually, the TA does contain a web interface to allow admins to set up the TA.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm confused though, do you have the Splunk for Unix App installed (on the search head) as well, or just the TA for Unix? Both would be required before there would be any visible "App".
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Failure to read on my part, missed that you were installing on UF.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
But you shouldn't have both installed on the same host. The TA is the portion you would install on your forwarders as it doesn't contain the web interface pages. The normal Splunk for Unix/Linux app (non TA) is what you need on your Search server.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Are you looking in the App dropdown on the top right?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
it looks like you might not have extracted properly (the path should be splunk/etc/apps/Splunk_TA_nix/(and following subfolders /appserver /bin /default /lookups /metadata /samples)
If this is the case check that splunk/etc/apps/Splunk_TA_nix/default/app.conf has:
[ui]
is_visible = true
Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...
.conf24 | Registration Open!
ICYMI - Check out the latest releases of Splunk Edge Processor
