Re: pingstatus command: Why am I getting "Unknown ...

wburns0185k · ‎02-19-2016

I have been using Pingstatus to search for PCs that are in an "Up" state and looking at the number of connected users to find a load balancer issue. This works perfectly as a search, but when I try to set up an alert for this, I receive no errors, but also receive no alerts.

When troubleshooting, the search returns no results. It flags my pingstatus call as an "Unknown command 'pingstatus'. Do you mean 'sistats'?"

I've tried playing with the permissions of the Pingstatus app to make sure it was running, but it runs in the Search and Reporting app... which I assume is where alerting runs out of anyway.

Help?

sourcetype="VDI_Server_IP" |pingstatus url as IP1| table DataCenter, IP1, pingdelay|sort -DataCenter|eval range = if(pingdelay >0, "1","0")|stats sum(range) by DataCenter|rename sum(range) as check

ndoshi · ‎03-25-2016

The README.txt explains that you need to set up commands.conf and authorize.conf for the command.

Copy the bin/pingstatus.py bin/ping.py and (optional) bin/ping.pyc files to your
$SPLUNK_HOME/etc/system/bin directory. Then, in your local
$SPLUNK_HOME/etc/system/local directory, create or edit existing authorize.conf
and commands.conf.

In commands.conf add:

[pingstatus]
FILENAME = pingstatus.py

In authorize.conf add:

[capability::run_script_pingstatus]

[role_admin]
run_script_pingstatus = enabled

Restart Splunk to test the commmand.

pingstatus command: Why am I getting "Unknown command 'pingstatus'" trying to set up an alert?

Welcome to the Splunk Community!

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Adoption of RUM and APM at Splunk