Could i Install Splunk_TA_nix on debian?

ammul440 · ‎03-07-2019

Please suggest I am finding difficult in configuing the host on splunk server to monitor apache logs.
I have installed splunk server on debian. I have a web GUI now.
I have installed universalforwader on host (the host where the apachelogs are configured) as per the link below.

https://www.learnsplunk.com/how-to-send-linux-logs-to-splunk.html

now my question is here finding or installing the Splunk_TA_nix app on debian? please suggest

chrisyounger · ‎03-07-2019

Yes you can install the Splunk_TA_Nix on Debian. Follow the instructions here: http://docs.splunk.com/Documentation/AddOns/released/UnixLinux/About

This will allow you to monitor the system health. You don't need this app to monitor apache logs though.

All the best.

ammul440 · ‎03-07-2019

Thanks for the reply.

Splunk_TA_apache app was installed to monitor apache logs. unforunately after adding data input i am unable to moniotr the logs as it says "No result found".

source="/var/log/apache2/access.log" host="example.com" index="main" sourcetype="apache:access"

these are my inputs.conf
[monitor:///var/log/apache2/access.log]
disabled = 1
host = example.com
index = main
sourcetype = apache:access

https://docs.splunk.com/Documentation/AddOns/released/ApacheWebServer/Configure -- shuld i set this up in sites-available?

chrisyounger · ‎03-07-2019

make sure you set disabled=0

ammul440 · ‎03-08-2019

yes i have tried setting this also. but still i could not see anything

Could i Install Splunk_TA_nix on debian?

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!