All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk App for Unix and Linux: How to monitor servers?

ananthan123
Explorer
‎06-05-2017 09:17 AM

Hello,

We have around 100+ linux servers and would like to monitor them using Splunk. I have installed Splunk App for Unix and Linux, but it doesn't have monitoring feature. Am I missing some there here? Or I need to install different app for it ?

0 Karma
Reply

mattymo
Splunk Employee
Splunk Employee
‎06-05-2017 09:36 AM

Please define "monitoring"

What are you expecting to achieve?

There are a couple TAs available to collect metrics and logs from linux servers, namely:

https://splunkbase.splunk.com/app/3412/ << addon for linux which uses collectd

https://splunkbase.splunk.com/app/833/ << the classic nix TA which has a collection of monitors and scripts

Which both feed the Splunk *nix App (https://splunkbase.splunk.com/app/273/) for visualization. The one I assume you are referring to?

Or my personal fav, the nmon app:

https://splunkbase.splunk.com/app/1753/

These all provide pieces that can help you monitor certain metrics and logs as a nix admin.

Then, as always with Splunk, you have all the power to create your own!!

The main idea is to use a Technical Add-on (TA) to collect the data from the nix server and use the "Apps" to visualize and report.

- MattyMo
Reply

ananthan123
Explorer
‎06-05-2017 11:09 AM

Thank you very much for your answer. I already installed addons, what I want is need to ping all the servers every 5 minutes and check whether up or down, if it is down, need to send the alert email. I couldn't find it under addons.

0 Karma
Reply

mattymo
Splunk Employee
Splunk Employee
‎06-06-2017 06:41 AM

These apps don't have that specific ability, but technically you can easily do a similar thing by alerting on hosts who havent sent logs to you in greater than n minutes, or use the "missing forwarders" alert in the Management Console.

It would probably not be all that hard to custom build an input that pinged all your hosts either

- MattyMo
0 Karma
Reply
Get Updates on the Splunk Community!

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...

September Community Champions: A Shoutout to Our Contributors!

As we close the books on another fantastic month, we want to take a moment to celebrate the people who are the ...

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...