All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Splunk-on-Splunk : should there be a pre-made dashboard?

borgy95
Path Finder
‎05-07-2015 01:55 AM

Hi,

I've just installed the splunk-on-splunk app on our splunk deployment... A pretty small deployment that's single tier, i was under the impression the app came with premade dashboards for checking the health of ones deployment? Is this true? becuae when i select the app i am greeted by a blank screen and an invitation to start creating panels. Which i'd gladly do but i have zero reference on what kind stuff i'm going to query. In this case can someone point me in the right direction for a reference on how to query the sos db.

thanks

Reply
1 Solution
Solved! Jump to solution
Solution

hexx
Splunk Employee
Splunk Employee
‎05-07-2015 03:55 AM

This is not normal. In all likelihood, there is an issue with the post-installation step that is supposed to put views back in place if the dependency on Sideview Utils is found to be fulfilled.

I would recommend to take the following steps:

  • Check that the latest version of S.o.S is installed
  • Check that the latest version of Sideview Utils is installed
  • Reload the S.o.S home view
  • If this doesn't solve the problem, go to $SPLUNK_HOME/etc/apps/sos/default/data/ui/views and manually rename every view file from *.bak to *.xml, then restart Splunk

View solution in original post

Reply
Solved! Jump to solution
Solution

hexx
Splunk Employee
Splunk Employee
‎05-07-2015 03:55 AM

This is not normal. In all likelihood, there is an issue with the post-installation step that is supposed to put views back in place if the dependency on Sideview Utils is found to be fulfilled.

I would recommend to take the following steps:

  • Check that the latest version of S.o.S is installed
  • Check that the latest version of Sideview Utils is installed
  • Reload the S.o.S home view
  • If this doesn't solve the problem, go to $SPLUNK_HOME/etc/apps/sos/default/data/ui/views and manually rename every view file from *.bak to *.xml, then restart Splunk
Reply
Solved! Jump to solution

borgy95
Path Finder
‎05-07-2015 07:06 AM

Hey thanks for this! It turned out the apps packages i had downloaded from the website were bogus..

It was your comment:

"If this doesn't solve the problem, go to $SPLUNK_HOME/etc/apps/sos/default/data/ui/views and manually rename every view file from *.bak to *.xml, then restart Splunk"

When i looked in the dir i saw 0 views! so figured something must have gone wonky in the dl/copying. anyway its looking much healthier now...

However when i go to enable the scripts, the following error is throwing itself up...

"Error occurred attempting to enable /opt/splunk/etc/apps/sos/bin/ps_sos.sh: In handler 'script': Could not find writer for: /nobody/sos/inputs/script://./bin/ps_sos.sh [1] [/opt/splunk/etc]."

I've check ownership and permissions on the scripts at the cli and alls good. any other ideas? I choose the lazy option this time and choose to install the app via the splunkweb interface where you can just upload the tarball... If it makes a difference.

Thanks!

0 Karma
Reply
Solved! Jump to solution

borgy95
Path Finder
‎05-07-2015 07:17 AM

It was permissions error... as i thought.. .i just had to change the perm of every file in the app.

0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...