All Apps and Add-ons

Why am I not getting performance logs after configuring the TA-nmon add-on?

asmach
Engager

Hello, 

I'm working with splunk 8.2.4 installed in Windows 11 OS 

I'm trying to collect performance log data from a linux virtual machine, I installed and configured the universal forwarder and followed all the configuration steps from NMON performance monitor userguide and I even followed the steps of the troubleshooting guide, but the problem is still the same : 

In the splunk server I only get the event types nmon_collect and nmon_clean, and get this error in the search app  : no files found in directory: /opt/splunkforwarder/var/log/nmon/var/csv_repository/*.csv

When running the nmon_helper.sh script manually from the cmd of the linux VM i get this error : 

asmach_0-1650208184279.png

Does anyone know the source of the problem and can help me to solve it please  🙂

And thanks in advance 😊 .

 

Labels (3)
Tags (3)
0 Karma
1 Solution

gjanders
SplunkTrust
SplunkTrust

You may be missing the library required by nmon. 

You might be able to use the CLI to find the library or something like 
libncurses rpm

In a search engine if this is a distro using rpm...or yum provides libncurses or similar...

View solution in original post

0 Karma

richgalloway
SplunkTrust
SplunkTrust

It sounds like you're trying to use the wrong tool for the job.  The NMON TA searches your network for devices, but does not collect performance data.  We may be able to help get the TA working, but that won't solve the problem about getting performance logs.

The TA you want is Splunk Add-on for Unix and Linux (https://splunkbase.splunk.com/app/833/).

---
If this reply helps you, Karma would be appreciated.
0 Karma

asmach
Engager

Please can you help me make the TA-nmon add-on work, im asked to create an app for performance monitoring using this specific add-on 

Thanks 🙂

0 Karma

gjanders
SplunkTrust
SplunkTrust

You may be missing the library required by nmon. 

You might be able to use the CLI to find the library or something like 
libncurses rpm

In a search engine if this is a distro using rpm...or yum provides libncurses or similar...

0 Karma

asmach
Engager

Thank you so much it solved my problem 😊

0 Karma

richgalloway
SplunkTrust
SplunkTrust

I'm guessing you're using a different TA-nmon than that I've used in the past.  The one I've used would never be able to meet your requirements.

Whenever a Linux program complains about a missing library, the usual solution is to install that library.  Use the installer appropriate for your distribution to find and install the necessary module (libncurses, in this case).

---
If this reply helps you, Karma would be appreciated.
0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In September, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...

New in Observability - Improvements to Custom Metrics SLOs, Log Observer Connect & ...

The latest enhancements to the Splunk observability portfolio deliver improved SLO management accuracy, better ...

Improve Data Pipelines Using Splunk Data Management

  Register Now   This Tech Talk will explore the pipeline management offerings Edge Processor and Ingest ...