Is there a detailed list of collected data that Splunk add-on for unix and linux collects?
I found this: documentation but it is not so detailed.
For example what does means TCPrexmits (sourcetype=protocol)?
Is this Add-on collect also how many packets have been retransmitted?
Annoyingly, in the example you provided, it appears the TCPrexmits is a row header produced by the protocol.sh and not actually defined within the unix command. I can't tell from the script what that field name is meant to represent. As such, this is something I'm discussing with folks internally....but no promises.
BTW: Merely reading the field name TCPrexmits, I believe it's shorthand for: TCP retransmits. So I guess the number of times packets had to be resent? I'm also being told it could map to the re-transmission timeout.