All Apps and Add-ons

Scripted Inputs for *Nix

AlexMcDuffMille
Communicator

Hello,

I'm having a hard time funding the documentation for the scripts that come with the standard installation of the Splunk for Unix and Linux app. Where can I go to find out what kinds of statistics these scripts are actually gathering individually?

Thanks,
Alex

0 Karma

adrianathome
Communicator

You can run script manually and see the output too.

0 Karma

lukejadamec
Super Champion

I have not found any documentation on what the scripts do either. So far as I can tell, the way you find out what the scripts do is to read the scripts.

The scripts are located in the etc/apps/unix/bin folder.

Unfortunately, there are not a lot of informative comments included in the scripts. Modifying the scripts to include comments would be an enhancement.

lukejadamec
Super Champion

The scripts are in the unix app or TA_nix app depending on which one you installed. You can find them in the bin folder.
splunk/etc/apps/unix/bin
If you cannot "locate" the cpu.sh script, the you probably have a permission problem.

0 Karma

Vebloud
Explorer

There is not folder like this when I install app. Folder is splunk_app_for_nix. Its not reflected in documentation.
Also there is no setup.sh in bin folder, so how should I enable inputs?

0 Karma

AlexMcDuffMille
Communicator

I'm not seeing the 'apps' directory within etc/.

I ran 'locate cpu.sh' and it did not come up with anything.

0 Karma

lukejadamec
Super Champion

The scripts for collecting data are on the server that is being monitored.

0 Karma

AlexMcDuffMille
Communicator

Is that on the Splunk server, or the server that I am monitoring?

0 Karma
Get Updates on the Splunk Community!

Edge Processor | New Resiliency Improvements & Support for Additional Data Sources

We are excited to announce several exciting updates for Edge Processor aimed at hardening overall product ...

Splunk Certification Support Alert | Pearson VUE Outage

Splunk Certification holders and candidates!  Please be advised of an upcoming system maintenance period for ...

Enterprise Security Content Update (ESCU) | New Releases

In September, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...