Splunk_TA_nix

edwardrose
Contributor

Hello All,

So on quite a few of our Splunk servers we are running Splunk as a non-root user. Well, we deploy Splunk_TA_nix 6.0.0 to all our Linux clients. Quite a few of the scripts that get run as part of the TA_nix add-on require root privs to execute properly. How do I get around this?

Thanks
ed

0 Karma

sloshburch
Ultra Champion

Ultimately, you'll need to make sure the unix ID running Splunk can run the requisite commands on the command line of the unix OS terminal/command prompt without errors.

Often, this is resolved by having the admin of the OS provide the permissions needed.

If you end up working on collecting files as well, this post might be of help: Which UNIX permissions are best for monitoring files?

0 Karma

sloshburch
Ultra Champion

Actually, what commands have root requirement? I'm not seeing any.

Even though the processes they use might be owned by root, those commands should ultimately have the permissions -rwxr-xr-x so group and other users can read and execute. The same is true for the parent directory of those commands.

0 Karma

michael_schmidt
Path Finder

I'd bet a dollar that the deployment server is Windows-based. Windows-based deployers totally foul up the permissions of the TA_nix when they push it.

0 Karma

sloshburch
Ultra Champion

In that theme, here's more info that delves into the Windows considerations: What are best practices for deploying the Splunk Add-on for Unix and Linux in a distributed environm...

0 Karma
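
The permission pattern the answers above describe (scripts and their parent directory at -rwxr-xr-x), written as a check to run on a client after the add-on has been pushed. This is an added example, not part of the thread or of the add-on; the function names and the example path in the comments are assumptions.

```shell
#!/bin/sh
# Added example, not part of the add-on.
# Assumption: DIR is the add-on's script directory, for example
# $SPLUNK_HOME/etc/apps/Splunk_TA_nix/bin on a default install.

# list_bad_perms DIR
# Prints paths that deviate from the rwxr-xr-x pattern named in the thread:
# missing r-x for group/other, or writable by group/other.
# Checks the directory itself first, then every *.sh file below it.
list_bad_perms() {
    dir=$1
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    # -prune stops find from descending, so only DIR itself is tested here.
    find "$dir" -prune \( ! -perm -055 -o -perm -020 -o -perm -002 \)
    find "$dir" -type f -name '*.sh' \
        \( ! -perm -055 -o -perm -020 -o -perm -002 \) | sort
}

# audit_bin DIR
# Returns 0 when nothing is flagged, 1 when at least one path is flagged
# (each flagged path is shown with ls -ld), 2 when DIR is not a directory.
audit_bin() {
    bad=$(list_bad_perms "$1") || return 2
    [ -n "$bad" ] || return 0
    printf '%s\n' "$bad" | while IFS= read -r p; do
        ls -ld "$p"
    done
    return 1
}

# Run as: sh audit.sh /path/to/Splunk_TA_nix/bin
[ $# -eq 0 ] || audit_bin "$1"
```

Flagging group- or world-writable scripts goes slightly beyond the thread's wording, but it follows from the same mode: anything the Splunk account executes on a schedule should not be editable by other local users.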